374cf99b3ec7ec3a8c8a44be7dec2879_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

374cf99b3ec7ec3a8c8a44be7dec2879_JaffaCakes118
Size

53KB
MD5

374cf99b3ec7ec3a8c8a44be7dec2879
SHA1

8c819669769e59d384a57d67fbd13cc5c430a1a8
SHA256

2869fcc9aa872850d812c7ab0408d1a5e7ced3054871c4305af3445a9703de83
SHA512

fb6879c7e64df57d32242f1679ab1de33ad58454bf7be658a1d7ac563d7e4fe52c19b902eb28351b4df035c263e211723cb7ca4948b95a4220457f1345a6e598
SSDEEP

1536:/ld2PdgZj3YbPBLMd9swjD3PpOHga/iR/cAsaVNf6+lmBQVDLAE3:/H21gxYzhYdjD3P6iR/eaiw73p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
374cf99b3ec7ec3a8c8a44be7dec2879_JaffaCakes118

Files

374cf99b3ec7ec3a8c8a44be7dec2879_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a90bee0c6060702633a331a218e3a9ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

urlmon

URLDownloadToFileW

Sections

CODE
Size: 47KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE