7236bb69d004e6a4cc7f43927c25ec1e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7236bb69d004e6a4cc7f43927c25ec1e_JaffaCakes118
Size

180KB
MD5

7236bb69d004e6a4cc7f43927c25ec1e
SHA1

cf41928b63efb5ffb30a83e213d610514dcfedef
SHA256

9ba97995df57aa26a0eba170e3a74bff884ee1a42e744132e01941e37567ce23
SHA512

783af2d67a838bb52dda6f707d921ec4a1958397732004e0901324d1ec6072ce2d85da227e5a9d5f92502eebeab8a765033efeef3be215489e6cda0c800d955d
SSDEEP

3072:MOdQkm7ueAKeHkkmRj32Kl72ZnSE5uIKwaw9S6JhfmzpGQt4De+UBVli/lGAArlo:MaQDSKuBijGeiVSsKw/LJElLt4a+UfwD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7236bb69d004e6a4cc7f43927c25ec1e_JaffaCakes118

Files

7236bb69d004e6a4cc7f43927c25ec1e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8fe7906ecc417f14bab98df5682c48c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

comctl32

ImageList_SetIconSize

user32

CreateWindowExA

gdi32

UnrealizeObject

advapi32

RegQueryValueExA

version

VerQueryValueA

oleaut32

SafeArrayPtrOfIndex

ole32

CreateStreamOnHGlobal

Sections

CODE
Size: 172KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE