4d835e182651d570aa78413bcbdeb551_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d835e182651d570aa78413bcbdeb551_JaffaCakes118
Size

188KB
MD5

4d835e182651d570aa78413bcbdeb551
SHA1

5e336b54cbffd9f38ff81550790fa98cd2f0c35a
SHA256

040ece43256ad5296c039b0d0dd8875b450923eac88afb240d7a401725242b41
SHA512

3ff76e7bb5acbc7223f049eca56ea0c1805b7596af00353340277b207a2d52bb6e7ba55ded232beebc2be5ad945b7cde906ad4f8fad0f3c6673dde5238a98c1c
SSDEEP

3072:wgrl9uyzGT/nyToDMn3tRAWuxejhqLyXnkDWnTuVUoJ9:5nSyMDckHmkDosUoH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d835e182651d570aa78413bcbdeb551_JaffaCakes118

Files

4d835e182651d570aa78413bcbdeb551_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e59c23898b137b95c974d399bbc54dc8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoTaskMemFree

comctl32

ImageList_SetIconSize

comdlg32

GetSaveFileNameA

Sections

CODE
Size: 170KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE