69618651cf78af1599077d5c49f5f5e1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69618651cf78af1599077d5c49f5f5e1_JaffaCakes118
Size

3.8MB
MD5

69618651cf78af1599077d5c49f5f5e1
SHA1

9f0bd68301859ab46a15989bed89b39271728fb4
SHA256

d44c6eac5a1f635fe6d0612c142bb993e5be7458e74f9ae60a2a0b2ad2196839
SHA512

382a533838c546e588b10ee0e6d374a411583f39cf461d752b70fe68129b5d7f0b3fc651ac7bfbd656f342006e718aaa6b55fe1fe48a3a2835b639f848a94019
SSDEEP

98304:uNVgh3/IK63xOHmrU43O/MHlR7KdZSRWJ:7h3/2xOHmZ3O/MHL7YZT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69618651cf78af1599077d5c49f5f5e1_JaffaCakes118

Files

69618651cf78af1599077d5c49f5f5e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b86cf5ffb2bcd9cd06d59b287065b137

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoUninitialize

comctl32

ImageList_SetIconSize

wininet

InternetGetConnectedState

Sections

CODE
Size: 3.8MB - Virtual size: 13.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE