5c26c070598dca0fd2890029fd33254c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c26c070598dca0fd2890029fd33254c_JaffaCakes118
Size

636KB
MD5

5c26c070598dca0fd2890029fd33254c
SHA1

b8cc3f8d74c64820b8f2449a7e2cd9d40c53f32e
SHA256

97236db1631812e619e0ad9391c468a1a06b92f1db8afefeed088af49d33d84b
SHA512

b62ff35ce57ca2efac8ddeee6dabeec399b4dade2453cfea8c6167993f1887b187e916af3b41c056a256b40d0b77dd1aa108251bd56031cb6b51c5eed6859301
SSDEEP

12288:3XMh0qzGkKd6R/1kwL0Bh6rdlXPSr1zmjqeRfLWibV:38h0qzGbyN0WvSpq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c26c070598dca0fd2890029fd33254c_JaffaCakes118

Files

5c26c070598dca0fd2890029fd33254c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb20ede23ee92316aa763135529309ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

shell32

SHGetFileInfoA

comdlg32

GetOpenFileNameA

Sections

CODE
Size: 492KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE