31e15debae61d75bc43a2423a84c962b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31e15debae61d75bc43a2423a84c962b_JaffaCakes118
Size

2.3MB
MD5

31e15debae61d75bc43a2423a84c962b
SHA1

4dc26067503eb1845322a61609074b7098fc229c
SHA256

be458ca78d452ceb27b1c2dc852f218370603a7b5e8af71b875772bf278f575b
SHA512

968dcbced0a9b1a6f94aba6eafda68f7d2ade55707a2a28da3eec34a740f636de6fbc37502ec3517069d739679ac61d2b07ffd3a37b8477f0e350abc112013e7
SSDEEP

49152:D0aH/uSK0ligOAHlQFivzQZAJWl3gxa7nBwWn3saQGKZRmcyBx5HiComxA7c8AIO:DvHbTcYQFi7IWxa7BBQGimcGCmxAA8A5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31e15debae61d75bc43a2423a84c962b_JaffaCakes118

Files

31e15debae61d75bc43a2423a84c962b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fdc2223592abb92ff32da79920c228bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoUninitialize

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

wininet

InternetGetConnectedState

wsock32

WSACleanup

netapi32

Netbios

Sections

CODE
Size: 2.3MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE