72039474a5b94d7885a518f46dc79608_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72039474a5b94d7885a518f46dc79608_JaffaCakes118
Size

328KB
MD5

72039474a5b94d7885a518f46dc79608
SHA1

a20e9c2b92b001da78089948a6e4ba82fc050e8a
SHA256

f2b544debf08c0d5188434314e8198f39bf36d50d876da69bb1745fa86e508c0
SHA512

f07247f33dbefd71dd332f683c14e7d81677500f990eae76ce655118f025864abdf77ef6b834a2635ea0aacf322ba226a11800ba0ca7187941e611eed14a9a4f
SSDEEP

6144:vwdUIkuO0JVVMWqBKhFkhriBvSRTKejQn0rITKirgkcayrd+lPFF71xX:YrkuzWWNmli+X8n0rITKm5yxwPH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72039474a5b94d7885a518f46dc79608_JaffaCakes118

Files

72039474a5b94d7885a518f46dc79608_JaffaCakes118
.exe windows:4 windows x86 arch:x86

85c5d4dd7bbc432be8128f34a39750db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

IsEqualGUID

comctl32

ImageList_SetIconSize

shell32

SHGetFileInfoA

wininet

InternetSetOptionA

urlmon

CoInternetCreateZoneManager

comdlg32

GetSaveFileNameA

shlwapi

SHAutoComplete

Sections

CODE
Size: 302KB - Virtual size: 976KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE