62d064d785ffa52dd2cb7160467174c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62d064d785ffa52dd2cb7160467174c2_JaffaCakes118
Size

237KB
MD5

62d064d785ffa52dd2cb7160467174c2
SHA1

6c1871f39eff7e8502d3b34a9cdc6618358a7b26
SHA256

a8a69707f9988f2f531de5fb8c59f38d973f0be448b786c0aba1e21f1137196b
SHA512

e9f3a9d5906c8a134471e30de91de2a73ead322d32d09562b2c8a779c58287f972b098800f123688becb485e1a3a3edf72f063dd12a8e319900d6281734a8381
SSDEEP

6144:SS75mCUIoFbSu0A3DFda6cakG5NEX05U6aSQawa5ELwV:TMRSu7TzQU5NEE6jSV3E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62d064d785ffa52dd2cb7160467174c2_JaffaCakes118

Files

62d064d785ffa52dd2cb7160467174c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0def76901b21ce2a664b9b5a04902feb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoTaskMemFree

comctl32

ImageList_SetIconSize

wininet

InternetGetConnectedState

Sections

CODE
Size: 227KB - Virtual size: 700KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE