eb282e764c5f2fc4677799124deb9746_JaffaCakes118 | Triage

Sharing

General

Target

eb282e764c5f2fc4677799124deb9746_JaffaCakes118
Size

23KB
MD5

eb282e764c5f2fc4677799124deb9746
SHA1

2dea4099607b1091d1a3846872ae69fe413b3f3e
SHA256

74be9e1ab825bc776dda6ea7f8a97449024df11164129a5641256c3f66cb0018
SHA512

49b602f08ce00b9f6108fe0475b0ba83bf9d8e86b7b5e23fc735f091f1b328c41b26714db40ce247742caa97ab20d7184a2b816130f38f33adbcb99579471c6a
SSDEEP

384:qLkw517XRcfnaDtXl1BfN6OkGyBu29NKnMABRPuv67cfnwSAJCieJX3aXRfC:Re5XUapPBfNTk0uNKMuRPCp3aB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb282e764c5f2fc4677799124deb9746_JaffaCakes118

Files

eb282e764c5f2fc4677799124deb9746_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5cf4cabffcf7bb507a5038e0e4f57cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

oleaut32

SysFreeString

wsock32

WSACleanup

advapi32

RegQueryValueExA

wininet

InternetReadFile

Sections

CODE
Size: 19KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE