2eead4e06e1bc824aaba476c64eac8a6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2eead4e06e1bc824aaba476c64eac8a6_JaffaCakes118
Size

322KB
MD5

2eead4e06e1bc824aaba476c64eac8a6
SHA1

160e6913a2407b2f9795223687c57ed8f5fbde50
SHA256

d959b74d30695063e4e44489f5906ff981f44ac8071034ae63beb304754255d8
SHA512

bd027ae9b433f2f4fd1e35cf488d328f759bf505f1abca54663ff64c5f4f8fbbaf8caa4c6a465c91f1bedd1cc9a034f8747eaed3450c73ac6b0b26f69acf41d9
SSDEEP

6144:r/BxOQNU8bCp1H7kyggYhea8Ch8fMNMwp5BOr5/Lu66+5Yzfe:rJxXtORgjh/OfML5Bq5p6+Mfe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2eead4e06e1bc824aaba476c64eac8a6_JaffaCakes118

Files

2eead4e06e1bc824aaba476c64eac8a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e13f8d3fc6ea8c0dab111694dc4906b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UnrealizeObject

version

VerQueryValueA

ole32

CoTaskMemFree

comctl32

_TrackMouseEvent

wininet

InternetGetConnectedState

shell32

ShellExecuteExA

Sections

.text
Size: 310KB - Virtual size: 988KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE