558888baaa0f1a3fbb6501fbd80b1259_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

558888baaa0f1a3fbb6501fbd80b1259_JaffaCakes118
Size

1.2MB
MD5

558888baaa0f1a3fbb6501fbd80b1259
SHA1

c877031881f80618b29bb4586af673e27f70e7ea
SHA256

fa43605658e9dca4638c1a398bd6de2c2d58c2f8fcec730e962b84a7ad5407db
SHA512

3d0ac665ef5f5ab14e05658ddb08a115f61b67431ad2f0f5004396833fd617378717589ac5f3dbd8a863119688ce9b31c5ad621036da20eec3cffda84778bc4b
SSDEEP

24576:LQB3RysDwwzq8rbquRMZaIXXWDwI+7I49oID5t1eTi9jfPpILub:LQpGwVrbq9zrD7IOoM1e2Byi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
558888baaa0f1a3fbb6501fbd80b1259_JaffaCakes118

Files

558888baaa0f1a3fbb6501fbd80b1259_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6381bfe46ec823d4147b857496e4a7b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExW

user32

LoadStringW

msimg32

AlphaBlend

gdi32

UnrealizeObject

version

VerQueryValueW

ole32

OleUninitialize

comctl32

InitializeFlatSB

shell32

SHGetFolderPathW

winspool.drv

OpenPrinterW

winmm

timeEndPeriod

msvcrt

sprintf

wsock32

WSACleanup

Sections

.text
Size: 1.2MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE