Static task
static1
Behavioral task
behavioral1
Sample
34c6259b30c9e760629e5f52a0bdb1b0_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
34c6259b30c9e760629e5f52a0bdb1b0_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
34c6259b30c9e760629e5f52a0bdb1b0_JaffaCakes118
Size
57KB
MD5
34c6259b30c9e760629e5f52a0bdb1b0
SHA1
714d252bc5fcf6fb898656a378bceccd5a5ee98c
SHA256
321398bafab87b8b4fb5697152a718e377f16e3cc4c49804234d1c8f8485f766
SHA512
fe6c9363f05c6364238da084c8cc6969bb6822c811f58659f85fc7a040051dcbabb382a4a5fe95ad5b81d95061e9d6776f7c873d2db9b0f83c566a8384f83b45
SSDEEP
768:krxK2xNBLDPg1BzojQaIHjpe9tyaxP1GnGj7R57KPrCixiH:krs2xjfuzuqHjp0tyhGnjw1EH
Malware Config
Signatures
Unsigned PE 1 IoCs
Flags PE files that lack an Authenticode signature. On its own this is a weak indicator, since many benign executables are unsigned too.
resource 34c6259b30c9e760629e5f52a0bdb1b0_JaffaCakes118
Files
34c6259b30c9e760629e5f52a0bdb1b0_JaffaCakes118.exe windows:4 windows x86 arch:x86
916e9a4b57199cc9ffcd1970820e26a2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
GetProcAddress
GetModuleHandleA
user32
GetKeyboardType
advapi32
RegQueryValueExA
urlmon
URLDownloadToFileA
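Sections
Note: the .nsp0–.nsp2 sections are flagged both writable and executable, and .nsp0 and .nsp2 list no on-disk size, a layout consistent with a runtime packer (these section names are commonly associated with NsPack). The short import list above is therefore probably not the full API surface of the unpacked code; the behavioral tasks are the better source for what the sample actually does.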
.nsp0 Size: - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.nsp1 Size: 12KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.nsp2 Size: - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 972B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE