17531aa6fffe19e033a41ef7f776f46f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17531aa6fffe19e033a41ef7f776f46f_JaffaCakes118
Size

30KB
MD5

17531aa6fffe19e033a41ef7f776f46f
SHA1

b626c70bf5725f666d8e44e2b8d04d6c62b8f849
SHA256

8431d4c04e8ccb94bd0a7e91ed45c441f76644d9d0b50d7c64cf3eeb7e91f507
SHA512

691afdc06e34e0c750a72af3dc91a38ac1cc25e6c398a0841b8366c1675f97ce2990a6a4ff906c505f821f19798af1e4493df9d8be5e05653e2e52caef399219
SSDEEP

768:Li3MmTVN/10tqECa6yLHoxQhV/rtsgIGqw2ggBvV2HGMERLpTwccX9O3:L6t/1dVyLISxrtNIG5gBj5TTwccs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17531aa6fffe19e033a41ef7f776f46f_JaffaCakes118

Files

17531aa6fffe19e033a41ef7f776f46f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ad26512e9a025bffa5b645d07fcbfa1d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

wcscmp

user32

CloseDesktop

shlwapi

SHDeleteValueA

wininet

InternetSetOptionA

shell32

SHGetSpecialFolderPathA

advapi32

RegSetValueExA

ole32

CLSIDFromProgID

oleaut32

SysFreeString

msvcp60

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ

Sections

.text
Size: 25KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE