65da52401843d6f969a8a213ec6d2814_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65da52401843d6f969a8a213ec6d2814_JaffaCakes118
Size

379KB
MD5

65da52401843d6f969a8a213ec6d2814
SHA1

0edccee18c868935947e6719a568aed11ddbe468
SHA256

22cbe5a48b2a7489e77c048cb2cd4a4b2f1c9229861abad16cbc2ecd18e65889
SHA512

343f33db3870d9837ab38b82b240195d3051a4248695ba180be2db2877fa2a3df69e6a52962f04277860580bf22cd025097d7295aed44159131e1989ee6c0f5a
SSDEEP

6144:M2I8qfGMVzOtdhERUHj9UsU1CaDSGmGd30V78INUTk2aT+ali06u:BI8qpN+/msU8RG/30V4ICTJaxlAu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65da52401843d6f969a8a213ec6d2814_JaffaCakes118

Files

65da52401843d6f969a8a213ec6d2814_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9915217f093a3d3373214df48dacf0e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

IsEqualGUID

comctl32

ImageList_SetIconSize

wininet

InternetSetOptionA

urlmon

CoInternetCreateZoneManager

winmm

waveOutSetVolume

Sections

CODE
Size: 345KB - Virtual size: 1024KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE