4c3434c48aff166b11f01dd7f281bdf1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c3434c48aff166b11f01dd7f281bdf1_JaffaCakes118
Size

740KB
MD5

4c3434c48aff166b11f01dd7f281bdf1
SHA1

e4ee709496bfb9b8c90c4142688b8291931e97f0
SHA256

6bc1ac87017fe8ecd2a9b35d003a46287f1ce0465e874c6b3bed69637352776b
SHA512

c41b38f722f20654ad0996c6f3f408d7ee18439bcfc5cf3baf5515e875d4a9eb6842060a453dae4a16cde74a009afd7e9094f929cc686f6eb81d3d75a983825c
SSDEEP

12288:mMvx+auwnfYyjFf0MWeGNBnZqnywOlPewyewOgXmnPKMKb0RCYj1syf32swd:mMvI0YyZf0MW3BnZqnXO5g2nShILxsyk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c3434c48aff166b11f01dd7f281bdf1_JaffaCakes118

Files

4c3434c48aff166b11f01dd7f281bdf1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fba4e5af67aab991208d9bf8369533bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExW

user32

GetKeyboardType

msimg32

AlphaBlend

gdi32

UnrealizeObject

version

VerQueryValueW

ole32

CreateStreamOnHGlobal

comctl32

InitializeFlatSB

wininet

InternetOpenUrlW

shell32

Shell_NotifyIconW

comdlg32

GetSaveFileNameW

crypt32

CryptStringToBinaryA

Sections

.text
Size: 730KB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE