231e2976c015eddc6f4c4fe6ae2a5038_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

231e2976c015eddc6f4c4fe6ae2a5038_JaffaCakes118
Size

325KB
MD5

231e2976c015eddc6f4c4fe6ae2a5038
SHA1

6a08edb4fae7999884de8ffabfe1e53639bb60c0
SHA256

6b812ece487c9b8e9bde5b8c9f1e619cd2db8b4f2e478ab5c34ae621049e48a9
SHA512

5fed68f3a96593daa0a7dd4c36c2167c2de3d709c24fe0cc9c2b0ad0ae5126d8d39aebd4a55333858cd0b8bde3ea9a26b4be6d2359ec5590e4df8d11b46895ca
SSDEEP

6144:Kt+DWmyCtMU+MOC0prsmkv9VMOKiu7de6tfzAsq2T0n995VNQBRv3ioI:KnmylFCY3k9VMOKHsIAsq2m5ViB3/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
231e2976c015eddc6f4c4fe6ae2a5038_JaffaCakes118

Files

231e2976c015eddc6f4c4fe6ae2a5038_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54092356b6b4737e0a3a4b32e4e0487f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

comdlg32

GetOpenFileNameA

Sections

CODE
Size: 315KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE