1786291b29fc5b08b7c12531f76b50a9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1786291b29fc5b08b7c12531f76b50a9_JaffaCakes118
Size

44KB
MD5

1786291b29fc5b08b7c12531f76b50a9
SHA1

7ead7071a3a93ca9030c31ac3a91fce6cd872344
SHA256

ffee9aa74975122a63dd3b03145ac15ebc86eeb11af3fd1b2126ea2decda54a8
SHA512

2fa61f61646f983e6be85ce2626b07cf216be2f38db4deb7052782789d74ee9881fc3be81eb38a468086359bae1e9089790dc8b4a47d28eab59d882fdd2006ba
SSDEEP

768:ieEPfsbr2GwZ1SRX2XrVQy508Rv/IgQnOorbxkhqDove/v7pe0Z3O:RjP+Um7VQyNQnlbxkhqEve9U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1786291b29fc5b08b7c12531f76b50a9_JaffaCakes118

Files

1786291b29fc5b08b7c12531f76b50a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29d4d9a4e535bff721362e89820bef9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 39KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE