63329ca0336bacf5412d4c0a7b4cdfaf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63329ca0336bacf5412d4c0a7b4cdfaf_JaffaCakes118
Size

945KB
MD5

63329ca0336bacf5412d4c0a7b4cdfaf
SHA1

51579d2780fdc8bfdcc7244b0d4b2d5636a2ce95
SHA256

8a29ed01168144c238f9c0e2ad8d554d44ef4ac5a169b81e22434818048e183d
SHA512

d28dc7be66c02cff7bd16380bc3ce50ecb6a478f2e40241955767289702b7c81d78b9e0adcf2f5c30d9adf0096943a18c82103fc5ff89101c9af7734869090ab
SSDEEP

24576:g/9gOru/ttjlznbYzjAd5WV73fIHH2cHVAX7:g+OQF+3cULgHWcHVa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63329ca0336bacf5412d4c0a7b4cdfaf_JaffaCakes118

Files

63329ca0336bacf5412d4c0a7b4cdfaf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78327a256d96c9b7653dcf10748a3103

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

wininet

FindNextUrlCacheEntryA

winmm

timeGetTime

netapi32

Netbios

Sections

CODE
Size: 933KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE