2d3f6cf8218bff6ec28854886a23648a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d3f6cf8218bff6ec28854886a23648a_JaffaCakes118
Size

36KB
MD5

2d3f6cf8218bff6ec28854886a23648a
SHA1

60bcaf2402aa89be974d794ee5935a5c6ece3fbf
SHA256

484403c2e94366b199610f02460c652acc08ee14d7581835913f46362ac71f5b
SHA512

f6916b106091e104c01b369ffdbec5b270fb37625893afa94d7230271684dd91ed563cc94279f839688e324e4d941552a700d5c8dc3a5fe75b4752f2bc787200
SSDEEP

768:oQKdgSR0UzECD3IklkEIjH7+bwYliJwcO3Tm+:oQKZD3IkevnYlcOS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d3f6cf8218bff6ec28854886a23648a_JaffaCakes118

Files

2d3f6cf8218bff6ec28854886a23648a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88e23bdd960f9c4902391b2f2f696a24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

shfolder

SHGetFolderPathA

Sections

CODE
Size: 31KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE