JaffaCakes118_492ca49b3c372a012eb10a149c7eff70 | Triage

Sharing

General

Target

JaffaCakes118_492ca49b3c372a012eb10a149c7eff70
Size

985KB
MD5

492ca49b3c372a012eb10a149c7eff70
SHA1

934bcf2b0a771a57424c37a6e0ead75888374a21
SHA256

78441058d49a26c4381f1db018ad6f56eaaacb445c70a108f3544d1b3a391484
SHA512

13db5bddd0fa1538366333d535d6aaa021321fcd013e3b3c821916ea40dce0d7c6a768954b89ffbc706f3794187d952b772eb8a91fe9ea775b204a1cb770a256
SSDEEP

24576:MNoYMx2ZB8Xk61KmjBpVGE7EjwSM8AXjYRyfhfevh:Y1MKB8UyjsE7DlNMRywvh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_492ca49b3c372a012eb10a149c7eff70

Files

JaffaCakes118_492ca49b3c372a012eb10a149c7eff70
.exe windows:4 windows x86 arch:x86

a900cce46c67759e2822a509e6acc601

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

SetParent

gdi32

EndDoc

comdlg32

GetOpenFileNameA

winspool.drv

EnumPrintersA

advapi32

RegSetValueExA

shell32

ExtractIconA

comctl32

ImageList_Draw

oledlg

ord8

ole32

OleLockRunning

olepro32

ord253

oleaut32

SysFreeString

wsock32

htons

Sections

.text
Size: 888KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE