172518ef9cdd3c32ee7b142e47c87789_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

172518ef9cdd3c32ee7b142e47c87789_JaffaCakes118
Size

321KB
MD5

172518ef9cdd3c32ee7b142e47c87789
SHA1

1cc97649ea2f1c2994596ba0e2896c7f1705a963
SHA256

5bec4248f8281a56713c7265bf5ef9f604ca5893749a7ac2b243bf918b1de9ed
SHA512

073e46a495569237fdf6094962a15dd40293d12a98928c3220b3c1966631a0c7e2057a2f7f6436dc5171503e29a42bb01985b0da8e11cde22205274dcd258fa0
SSDEEP

6144:13l3IbK/fJ9rt+AZbTDjdqusj9l519jpAJZai6b6KdRc02ANVyozu:1V3yK/fJ9zZb/hquWP+z6bB2Uru

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
172518ef9cdd3c32ee7b142e47c87789_JaffaCakes118

Files

172518ef9cdd3c32ee7b142e47c87789_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9915217f093a3d3373214df48dacf0e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

IsEqualGUID

comctl32

ImageList_SetIconSize

wininet

InternetSetOptionA

urlmon

CoInternetCreateZoneManager

winmm

waveOutSetVolume

Sections

CODE
Size: 307KB - Virtual size: 932KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE