760730927108196704c638b1126584ef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

760730927108196704c638b1126584ef_JaffaCakes118
Size

192KB
MD5

760730927108196704c638b1126584ef
SHA1

2bfff2e156c81fabbe49be2ca4d821c892b03e16
SHA256

5680eaa11136df021b3ae3a42d3157fa147b0f6cdb3fa1fdc87203b033541577
SHA512

9679ef25144c626b7a0ec7572c041d99e22ee070cbcb91fdf318f15ad3a2b37a3475bf7e5cf41cd693a924d58a24a99fe7ead1dc3f2bad05cf247e4ef610af53
SSDEEP

6144:6PXLx+nsmOtSQdcY3k0cTpsQjdfrtqhxaL7k:6/wnPOtSeN3k0cTOQjdj3E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
760730927108196704c638b1126584ef_JaffaCakes118

Files

760730927108196704c638b1126584ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6ab096e95dcc3996853d5320b7c6032

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

urlmon

HlinkNavigateString

comctl32

ImageList_SetIconSize

Sections

CODE
Size: 160KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE