3e26f51ad26da3e41da2cfb52296eed3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e26f51ad26da3e41da2cfb52296eed3_JaffaCakes118
Size

223KB
MD5

3e26f51ad26da3e41da2cfb52296eed3
SHA1

c9f3f72f9d8d2f79134ac568fb44fd6782a2c372
SHA256

cad69e1a9e48869ee9c03b5d6906425b1bab8c2af48d9fe70effc4893b9d5030
SHA512

8ddda6d7d489e48fe9f8021a845eb6c094c02778af668827fbbc00de7fa2ef2296a91cd5ca9020b97d48cc691a91ed16395497eba505430fe3e77d052062e923
SSDEEP

3072:8TmKaE4AAjuX7cnqCAjvbOkXOwvy3zZJeqm6vioPtMk4mxcrMuE+grDsw/4cQY3X:8jVACLH5ikvo3viUx8yrDsU40JjAKZ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e26f51ad26da3e41da2cfb52296eed3_JaffaCakes118

Files

3e26f51ad26da3e41da2cfb52296eed3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c136baad615a1e1880f5e5b30e6e9e1d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

wininet

InternetReadFile

imm32

ImmGetIMEFileNameA

Sections

CODE
Size: 189KB - Virtual size: 600KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE