0d3b539d7f8253021117d7c621489a08_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d3b539d7f8253021117d7c621489a08_JaffaCakes118
Size

198KB
MD5

0d3b539d7f8253021117d7c621489a08
SHA1

92738fd6b09666e7b2a7d12eed542fb7f103db87
SHA256

c581a13fbe4ce8c813e255d72cd13df6481da68592f140daeb31d8832cb9a376
SHA512

e78b1727fc5256746501b501e9565e2987125b06a9ec3571c86914bd9138d2c2459f12ca505dac29b6509f9fdf57b676a83ca89986a94db7f4d368de079dd4b9
SSDEEP

3072:dGeeFnGAr9JOJSaaFnfps0Mlp9Lm8WhrETu1EgXZzsXwfWgvD98t:dGeeFGOJYaFnglpLK4CmgqIWM9K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d3b539d7f8253021117d7c621489a08_JaffaCakes118

Files

0d3b539d7f8253021117d7c621489a08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

530833577b0dd943540d06d6e801c13c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

wininet

FindNextUrlCacheEntryA

Sections

CODE
Size: 189KB - Virtual size: 628KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE