f6190df048bb656470ba3c4d6810dc55_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6190df048bb656470ba3c4d6810dc55_JaffaCakes118
Size

142KB
MD5

f6190df048bb656470ba3c4d6810dc55
SHA1

ebfded549b24e1945a0b4d81aea08740beb42578
SHA256

7afb283cce73efaa3816937eacc87b381bb66aa42db61ec1446f27e8a822a2e6
SHA512

bcbcb3ac98a4ebc9e71d1dab0e4b6bd357306957fbd0f1670378f835d475cc69fda51cf6c6b64afb1ef730aaf05c528036e3413f4f1591abf20635a5282b6497
SSDEEP

3072:Y3IBAB0cUFFCN+6VOOtWTRAez0tGZLtY9CtQF1h2pBNL8gXhYeU5f:eIBAB0cUFFGgxVAezSGJtCtF1h2LNL89

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6190df048bb656470ba3c4d6810dc55_JaffaCakes118

Files

f6190df048bb656470ba3c4d6810dc55_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2bbddb8c010773f04c2d9dd29668462

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

Sections

CODE
Size: 133KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE