75ee9ddaba8aadaa47cc1bdeca670c1f_JaffaCakes118 | Triage

Sharing

General

Target

75ee9ddaba8aadaa47cc1bdeca670c1f_JaffaCakes118
Size

319KB
MD5

75ee9ddaba8aadaa47cc1bdeca670c1f
SHA1

62a2bd963887f24b0c9df5d73d9a6bd42e5336dd
SHA256

5a7e041aef4db799c26ac71ea5540ae3d958f4ec3ca3ba45baa012851028c379
SHA512

668b6c2fe5c7750748bb840f0c35ccab772394b744dbd7ae1bc9bde3ef5e7558f04f6f781667586b6f5b9c36b488b49f38f74e14dc0ed0929c7965b427a274d3
SSDEEP

6144:OxDvpf0Z4vJ1gOTPDzuUH32kYQGDxdg3chjY88EtTxbXYpE7G:YjJ0UJDD682GGGMjoe1XGE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75ee9ddaba8aadaa47cc1bdeca670c1f_JaffaCakes118

Files

75ee9ddaba8aadaa47cc1bdeca670c1f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f95c3d489bb12bcbac4bf2fe9e9a9ceb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

Sections

CODE
Size: 298KB - Virtual size: 920KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE