605f43f2fc71451eea71d1def4e22253_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

605f43f2fc71451eea71d1def4e22253_JaffaCakes118
Size

541KB
MD5

605f43f2fc71451eea71d1def4e22253
SHA1

2f1428f00009295aef8e1df753b89850e5a5d9de
SHA256

ccf8de18f83b734bb32fc88876e8a03f5fac09955faedcf969a2b66a5d562bc4
SHA512

2936d9604b950b2c0d9b1f365ca5e5d8214b5a79832a768b02aa43eb9d4a14788da79febb27810caef62dd17b59df18c616fc1137f498726a3da8110bb491232
SSDEEP

12288:XaZzdi3Viq6pQM5esjZAtvLYYE9520WGWTa94:XaZzdi3QqiQqTl+v8REeWTa94

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
605f43f2fc71451eea71d1def4e22253_JaffaCakes118

Files

605f43f2fc71451eea71d1def4e22253_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aba3e424b0a13114842d9aa95c381fce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

mpr

WNetGetConnectionA

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

shell32

Shell_NotifyIconA

wininet

InternetReadFile

xsecdll

desinstalador

Sections

CODE
Size: 503KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE