414b3aac54aa22345d2ae82f6a73525d_JaffaCakes118 | Triage

Sharing

General

Target

414b3aac54aa22345d2ae82f6a73525d_JaffaCakes118
Size

978KB
MD5

414b3aac54aa22345d2ae82f6a73525d
SHA1

f9fb61eb43de1ac80fb1384f41a40abb34d81361
SHA256

2f0a95071469fabfe28ea27a3d83f37637cca8671ca49d49c7043d4cc4757129
SHA512

857e31995e29fdc50c61974a927ab42ed24c30281db162d24051846e8b51361360e9bee1e72a50285d97dc2ef827798c0132b4bed07ecda0555ba451638b260d
SSDEEP

12288:oeHP7RzzsjpbvYzk8a6FwG/TH5sQkaptGr/EHt2AdS2XT0sTUu908JH02Gfomnng:Z7Rzg+zkF6f/THmnzr8N2anTm7f7n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
414b3aac54aa22345d2ae82f6a73525d_JaffaCakes118

Files

414b3aac54aa22345d2ae82f6a73525d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d9111fe3e1bd3c3385a05244e860208f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

shfolder

SHGetFolderPathA

Sections

pec1
Size: 46KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 930KB - Virtual size: 948KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE