3046960258c4b28dd456cf358f2fa61f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3046960258c4b28dd456cf358f2fa61f_JaffaCakes118
Size

578KB
MD5

3046960258c4b28dd456cf358f2fa61f
SHA1

4917256b8e7f221c26f807805c677d271e47404b
SHA256

90cd05878f491682789ad449e176f66247a55e90651a5b6bf0f0798eb482ef00
SHA512

a80afe57053f3ee3582f421fdd14ff227570b96ccc435b9bb9ab3a0e8597c6afc4b1d34ceca4867d4560f26fd7503e718b1c9b421dc7947d575f0d038a81aa14
SSDEEP

12288:ylUs4no87SF16fKthPTZNxIPopZx/5asvt:iHO816fKttZNGCPhasF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3046960258c4b28dd456cf358f2fa61f_JaffaCakes118

Files

3046960258c4b28dd456cf358f2fa61f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cd76edb74e79afb2b87ea0f5d81339e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winhttp

WinHttpGetProxyForUrl

wininet

InternetGetConnectedState

user32

DialogBoxParamW

gdi32

StretchBlt

advapi32

RegQueryInfoKeyW

shell32

SHGetPathFromIDListW

ole32

CreateStreamOnHGlobal

oleaut32

LoadTypeLi

comctl32

InitCommonControlsEx

wintrust

WinVerifyTrust

userenv

GetUserProfileDirectoryW

version

VerQueryValueW

Sections

.text
Size: 327KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE