3dd2d47147daba01fd1aea56577c29eb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dd2d47147daba01fd1aea56577c29eb_JaffaCakes118
Size

91KB
MD5

3dd2d47147daba01fd1aea56577c29eb
SHA1

ca1a411291cb69d98868ba1b68e6774983dfd3c9
SHA256

3c54da2800cced8ab1ea9f31519779da571569c1c3868f8ec5d5230d401fc158
SHA512

255973cfcd84baa85a00f731994e315099b47e1d5c3bf43b92c86042068ec3ccbf2cc6c521fe4b72bdb01c40c1897e2399724333d1b6e1960b886898cf45129d
SSDEEP

1536:X/q2j3x7Cqm7id1pvcVW4Mgghjbh9hWLizw8zehWAszdIWmt:X/V92qm8pvb9gghjbhv/E/hqtmt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dd2d47147daba01fd1aea56577c29eb_JaffaCakes118

Files

3dd2d47147daba01fd1aea56577c29eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d47cc45f94090dc489d406a5b9fa7dfa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

mpr

WNetGetUserA

wsock32

WSACleanup

shell32

ShellExecuteA

wininet

InternetReadFile

ws2_32

WSAIoctl

Sections

.text
Size: 85KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE