43efc67e389e7c7b85918da98148286b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43efc67e389e7c7b85918da98148286b_JaffaCakes118
Size

302KB
MD5

43efc67e389e7c7b85918da98148286b
SHA1

8153eea757adc91951f676a3b80c0ee637dfa645
SHA256

ab95ca3227debeebabd427be058d665a101279331368fe81a6ace705f0d17796
SHA512

7f99e6d85900d1cc72809d8833677855018cb9fa5b4d436f70ee9ec1c407cb45176bd4369a30fd2e1f3e89b5a459f9601af8cdae84b6c47837c26c25c9d8d8c1
SSDEEP

6144:SJCkB42Y6pDCbqwbuM/lG4wuM3Xz90iKyM0aqckqe2j5RYREZysWDRRX:q/YFW4mXz9V/Ph2F6HBX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43efc67e389e7c7b85918da98148286b_JaffaCakes118

Files

43efc67e389e7c7b85918da98148286b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

47e315ab4038a2889441397ab1aa40ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

version

GetFileVersionInfoA

advapi32

RegSetValueA

shlwapi

PathFindExtensionA

iphlpapi

GetAdaptersInfo

user32

InflateRect

gdi32

CreatePatternBrush

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA

shell32

ExtractIconA

comctl32

ImageList_GetImageInfo

oledlg

ord8

ole32

StgOpenStorageOnILockBytes

oleaut32

SystemTimeToVariantTime

ws2_32

inet_addr

wininet

HttpOpenRequestA

Sections

.text
Size: 249KB - Virtual size: 632KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE