f09415518a43f1942db2ad1cfe6ccc75_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f09415518a43f1942db2ad1cfe6ccc75_JaffaCakes118
Size

888KB
MD5

f09415518a43f1942db2ad1cfe6ccc75
SHA1

8807f23b8a5b26ee098689ccbba1bbb65322e803
SHA256

5ab1786b3a2d86f6ed9ece92ae6d56bc84d233d20b4f65b3f027a493e9048f10
SHA512

8fe68f1823e296be554ccf77395eb743bb3e804364c3be3e24edcf23f9784e29fed03f58f91b709700f2ba5251e72c9fe03e612d99e80546f98a6d4b03e740cc
SSDEEP

24576:DqjnZMWq4x3c3KGKrFQYCQUY90HbcVxWArMZ:DSMWPx3c3KGKrO8Uu8bcVwAG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f09415518a43f1942db2ad1cfe6ccc75_JaffaCakes118

Files

f09415518a43f1942db2ad1cfe6ccc75_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a145978369e8ba1599f81852f23671e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

wininet

InternetGetConnectedState

Sections

CODE
Size: 878KB - Virtual size: 11.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE