43bb8480d3a59986234da9931fcfd3e5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43bb8480d3a59986234da9931fcfd3e5_JaffaCakes118
Size

481KB
MD5

43bb8480d3a59986234da9931fcfd3e5
SHA1

f0f681070244642554c7aa93dbe1b89ea815741b
SHA256

d54edf31725d24e75840d81760bb6bc4ce9978b4dcfdb122dc85d6f835b6a6ad
SHA512

7d31d85d2a395cef42383167b1ace7f8b0763cc35c508b5e33ebb80578cd9a4c7bb50d641fcdb93a6935872638874032b7412c1f0c29918378722cd0a391cca2
SSDEEP

12288:e3cu0en1YUR4j6pVGmoOD34mDC3Q69GTgFl0zXFgEe0+:gcurKzObGmR31m31viK0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43bb8480d3a59986234da9931fcfd3e5_JaffaCakes118

Files

43bb8480d3a59986234da9931fcfd3e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2a163aba4628d168ad3790b4aee5127c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

shell32

Shell_NotifyIconA

Sections

CODE
Size: 468KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE