4671eaf981a180b4f61ecd5d52cd2a5d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4671eaf981a180b4f61ecd5d52cd2a5d_JaffaCakes118
Size

437KB
MD5

4671eaf981a180b4f61ecd5d52cd2a5d
SHA1

3357eef734fda047fe6006eace73a667beb0c771
SHA256

cd8bc912fa45f095756f68d73ef3f130241f475bbd7eba3ee567c6a9864d073a
SHA512

7988b62e6d0ab474e2458d39f91727172034e9c1de59f4d5211d4480a0a6a4496ca162823bd6c8a68035bcab86e84c5abf3da721dca1f1ee3d825ca3dd243db1
SSDEEP

6144:hebfT6XeYd8UN3Gyo5L5Rt1dWm5CLjq6bJa5o9RhMuBg8wk8Z+u:hrXeYOvr5L5zKL20f9zbjwkPu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4671eaf981a180b4f61ecd5d52cd2a5d_JaffaCakes118

Files

4671eaf981a180b4f61ecd5d52cd2a5d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9915217f093a3d3373214df48dacf0e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

IsEqualGUID

comctl32

ImageList_SetIconSize

wininet

InternetSetOptionA

urlmon

CoInternetCreateZoneManager

winmm

waveOutSetVolume

Sections

CODE
Size: 354KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE