538845df1d0ea7436683e32804c44327_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

538845df1d0ea7436683e32804c44327_JaffaCakes118
Size

305KB
MD5

538845df1d0ea7436683e32804c44327
SHA1

032724857eb295ae122807e56ee4eac7b37a455f
SHA256

ee14c94ba5fcc42e75e38dfde6ae386e3c4d872a28c62fe16a4e41fd7b2d1ac1
SHA512

5e050ca7b82a3f9b0c0b4b19719e8fd38c12dcc43dd054a78a3aee2dab0806e258cbb7ee0853fcf38cca3f805d7acbf83d283516b247a73fc96da0f2c8b31dfc
SSDEEP

6144:VLWQARKyGNXj4+97+fxjx8vTeZMl3zaoPoqZ4Ho3Kf1Mz:VcGhhl+VSbWMl3zoq2H00

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
538845df1d0ea7436683e32804c44327_JaffaCakes118

Files

538845df1d0ea7436683e32804c44327_JaffaCakes118
.exe windows:4 windows x86 arch:x86

51392c83ec1bdd32eb1c60967577ff39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey

comctl32

ord17

comdlg32

CommDlgExtendedError

gdi32

GetClipBox

kernel32

LoadLibraryA

ole32

CoTaskMemAlloc

oleaut32

VariantClear

oledlg

ord8

shell32

DragQueryFileA

user32

ReleaseCapture

winmm

PlaySoundA

winspool.drv

EndDocPrinter

Sections

.text
Size: - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE