ea6b2a6646e8c2d1e9ad98a5e1762ce5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea6b2a6646e8c2d1e9ad98a5e1762ce5_JaffaCakes118
Size

442KB
MD5

ea6b2a6646e8c2d1e9ad98a5e1762ce5
SHA1

0bb2eaae17c6f7c6481fe47a5be6ba40a70bdf2a
SHA256

40529aa69ca90433316a479e1e072ebf15cba818c0da0ec4cc92580d42d4aa4a
SHA512

7f67d83f0163c0676fa28aa4551c2c06f9cb79f5f0f329380788be5cebcaa69d037ca43e9ce26387ee435181033b1a32fc808bf5c6497d2178a851cb7f6d56b6
SSDEEP

6144:CkkBNlqu6Rw3KU2L0hGX/OAJcrj+fGf8mA9hB5PaX9LR:C1DquUw3l2L0hGLJc++Q9P5PaNL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea6b2a6646e8c2d1e9ad98a5e1762ce5_JaffaCakes118

Files

ea6b2a6646e8c2d1e9ad98a5e1762ce5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79eaff4c4ffef4e1a27ffde24c1e33d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UnrealizeObject

version

VerQueryValueA

mpr

WNetGetConnectionA

ole32

CreateStreamOnHGlobal

comctl32

_TrackMouseEvent

wininet

InternetSetOptionA

Sections

.text
Size: 422KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE