29c78f5df2efbe0ed2675c0a69536e4f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29c78f5df2efbe0ed2675c0a69536e4f_JaffaCakes118
Size

84KB
MD5

29c78f5df2efbe0ed2675c0a69536e4f
SHA1

feba25b0de9c68026699edf9e01212c3e7ad1536
SHA256

cc75f83162b0641f491a2357db914b3216132db98a1ec9681f1066e1512332d6
SHA512

b2d5d10d09f4d43335a19bd1d9aa0f42c6d2ca539c3869461b5bbb30ccc06c7a44a39cf7d4802e9d29151bad4454dc665dea358ea92a189dac9225989e7b227c
SSDEEP

1536:Ct3VmWgtN0f5B4hgwf14Pt6Ei3lrdTYHxHue+AvvhH6XVsD0J0vS+AE:IkW2efnPwfuPt6L3l5TcBuedhH6XV305

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29c78f5df2efbe0ed2675c0a69536e4f_JaffaCakes118

Files

29c78f5df2efbe0ed2675c0a69536e4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5796d02f00bc2b049f9a3f69dbfddbe6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

SetTextColor

winmm

waveOutWrite

Sections

CODE
Size: 76KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE