28c24c1eb6e35986a2d745c5a7320d5f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28c24c1eb6e35986a2d745c5a7320d5f_JaffaCakes118
Size

40KB
MD5

28c24c1eb6e35986a2d745c5a7320d5f
SHA1

804451bb4e53fb1cddb28d4c94f47d3d2d8ba567
SHA256

9eb6aace97786e3bbc6603ab0ce571fac1919d4f5476784c2c984a70cf826fb8
SHA512

ac1c78dfbd3b290299537ac7f8b782cd1d6a8c43375bdfbd3c6fe116f950047838931ca0770d62af21be9f458808cfdcb5e9b0f1847079de35c217c1a0a39271
SSDEEP

768:ua85Rrrgcc02Jh51kYM2bvkpvmiV+saOHkg1qIBpCTeqSNs+8v:T85l27h51kYM2eeraHkg1NpCCqUDY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28c24c1eb6e35986a2d745c5a7320d5f_JaffaCakes118

Files

28c24c1eb6e35986a2d745c5a7320d5f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29d4d9a4e535bff721362e89820bef9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 35KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE