16acf5a5a6e2704fa9efd46eceb47d02_JaffaCakes118 | Triage

Sharing

General

Target

16acf5a5a6e2704fa9efd46eceb47d02_JaffaCakes118
Size

2.0MB
MD5

16acf5a5a6e2704fa9efd46eceb47d02
SHA1

a6c9ae7fedc163f7d1685b0ce00209b7a76d595e
SHA256

36eca9a096dd66cfe3ec7109cf63a92be7cbac6003eec316dbf9b8f5b9b3f05b
SHA512

ce1dab316ff094768e8cd57b5f4bc6a57da05ad27ec1f0bd93252e875755bbb3abf0e517b5fcd85795d07c1ca292fba67f54d9df5fc30805e7ff18deb9d51e3f
SSDEEP

49152:aTBCED2rGAUfJR1zau8VQRCfvUchfwE0oEvFX6zVp3Uk2c:yC82rGAMRU4C3UkW9R6D72

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16acf5a5a6e2704fa9efd46eceb47d02_JaffaCakes118

Files

16acf5a5a6e2704fa9efd46eceb47d02_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e4568bde8b03044cc03c3a9dc72bcb5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

wininet

InternetGetConnectedState

wsock32

WSACleanup

winmm

timeGetTime

Sections

CODE
Size: 1.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE