4500cfcd6d62af1bd9de6a486939139d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4500cfcd6d62af1bd9de6a486939139d_JaffaCakes118
Size

152KB
MD5

4500cfcd6d62af1bd9de6a486939139d
SHA1

b408e6180585808e474b37ea26f031de7b8c13b5
SHA256

899bc612031ef428bbf745e39be3abacf2dd28b3fc0f59252a764e04bd07fac2
SHA512

b8b52b70da6ff92c18120711e64130887111f4a1dc9f74cee910fd75476f6e1261e37626273490f8e9f45329dd42632798a1649942091397cab6045dc27c5341
SSDEEP

3072:26rGvprm2UX3DHqm5mZUPV4KJVLG6OTyUavkP+cIFN5LDGAiZ:rSvVA3zh57PVrX+eUvPP+5LD3iZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4500cfcd6d62af1bd9de6a486939139d_JaffaCakes118

Files

4500cfcd6d62af1bd9de6a486939139d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0f86de74dc412138c29111a185ededfc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

OleUninitialize

comctl32

ImageList_SetIconSize

shell32

SHGetSpecialFolderLocation

Sections

CODE
Size: 143KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE