3dc5efbb17989726f3dc6ce77e1a1559_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dc5efbb17989726f3dc6ce77e1a1559_JaffaCakes118
Size

173KB
MD5

3dc5efbb17989726f3dc6ce77e1a1559
SHA1

590a929346749713a57e01082b4c0295bed8dc84
SHA256

6f3e9aea90c32dc1e243ef026308c1b49158747622cfc462d47434bf64a121ca
SHA512

907b2b4df5124197f9bcd8b3193fe16644dbd3b757241dc7f88add7c151c4caa1f18d3cdda9266e087894f5d8a71a3e6841e09579f29ae36112ff26c2f387823
SSDEEP

3072:x63K3tmFUufCKyTrFi2qSdtoPnd8QhB0LxnPKGQq3xttA2Bj8F0eQHw6:X3AJfCKwrFi2JoPdl2JokZA2BjO0/B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dc5efbb17989726f3dc6ce77e1a1559_JaffaCakes118

Files

3dc5efbb17989726f3dc6ce77e1a1559_JaffaCakes118
.exe windows:4 windows x86 arch:x86

477e87c04ac800f796be68c67e83bf1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

waveOutUnprepareHeader

user32

TabbedTextOutA

gdi32

SetMapMode

comdlg32

GetOpenFileNameA

winspool.drv

OpenPrinterA

advapi32

RegSetValueExA

shell32

ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CoGetClassObject

olepro32

ord253

oleaut32

SysAllocStringByteLen

Sections

.text
Size: 165KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE