0f31e17719af15d1ba59845b1c1414b9_JaffaCakes118 | Triage

Sharing

General

Target

0f31e17719af15d1ba59845b1c1414b9_JaffaCakes118
Size

221KB
MD5

0f31e17719af15d1ba59845b1c1414b9
SHA1

d1287990543541bab84b25e14659201c22c6a913
SHA256

b6be5dd146f9af8aea337c7ed20d46c204b6e6326206385bca734cc7880d48a8
SHA512

41559cf5b26d72cb1ddc784a2a76ee446be2ff07cdd9bcd42f78c0bc1fef8c672da72add45110a6097cd541632c31497455d3ebb9ec3f309904b0384dd1c496f
SSDEEP

6144:yYjt2LJR0qBDKPeu1DmGqueBPcCJ+hSUMz0sx6XH:Ljm0qBDEdqu6k1I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f31e17719af15d1ba59845b1c1414b9_JaffaCakes118

Files

0f31e17719af15d1ba59845b1c1414b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0fb26a78017601c6e87460e9fb88a3a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess

user32

GetKeyboardType
WindowFromPoint

advapi32

RegQueryValueExA
RegSetValueExA

oleaut32

SysFreeString
SafeArrayPtrOfIndex

gdi32

UnrealizeObject

Sections

pec1
Size: 207KB - Virtual size: 496KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ