033825e9d10f5a5b5fcc35b7f8a54175_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

033825e9d10f5a5b5fcc35b7f8a54175_JaffaCakes118
Size

1.1MB
MD5

033825e9d10f5a5b5fcc35b7f8a54175
SHA1

56556420d366961ce0f04297de3478454b781620
SHA256

da2228e2f37398025186e9bf3252649108891c03e15de9c0ae546ccd39d9dfea
SHA512

784c2bbdb8669de34c53d595d1268da8bb46e9645887f5cb0549ca5e77e11fdb3f42a812a2df4d102ec3789d2cb0bb661848e4e859fb543fdf01b38609015ca6
SSDEEP

24576:LCiFeMlmQ53mQ0LezUBBTAgZb9XoqcvggRbKWNQN9i6yAoO2zE:LTes52TLekRJXINO2zE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
033825e9d10f5a5b5fcc35b7f8a54175_JaffaCakes118

Files

033825e9d10f5a5b5fcc35b7f8a54175_JaffaCakes118
.exe windows:1 windows x86 arch:x86

7c8abe14184660036988d6f66a50caea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

VariantChangeTypeEx

mpr

WNetGetUniversalNameA

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoUninitialize

comctl32

ImageList_SetIconSize

comdlg32

GetOpenFileNameA

Sections

pec1
Size: 169KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE