3cda2f564804a7641fcc2ad756cfd3cf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cda2f564804a7641fcc2ad756cfd3cf_JaffaCakes118
Size

273KB
MD5

3cda2f564804a7641fcc2ad756cfd3cf
SHA1

8b4adaf1caa1d4a42c9f03b84bb2c34d5a9e7dd9
SHA256

90c2f0b8ef65cc2efac046b9443438e8965fd691c8db7cef4f515d1b98b0f9fd
SHA512

078cd4ae9e3267df29f3603240074c8cf568c20530f0802fd6434715d41d7f6e63a21e2e2c01faa6e0745630d9823c56161ff1cde175f5cf13abb40119deff42
SSDEEP

6144:rcYUOKt8mSVhGnRoz7MuMT7lS9PRJgeJdziDalt/x89Z/+qpSZ:wYUPt8PVhGnRJuMt2RJgId2wp89hP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cda2f564804a7641fcc2ad756cfd3cf_JaffaCakes118

Files

3cda2f564804a7641fcc2ad756cfd3cf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f251e63905aa3e04357a3755ce380175

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UnrealizeObject

version

VerQueryValueA

ole32

CoTaskMemFree

comctl32

_TrackMouseEvent

winmm

waveOutWrite

Sections

.text
Size: 250KB - Virtual size: 744KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE