7374402f72f6c4a79761a83cd5c4c59c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7374402f72f6c4a79761a83cd5c4c59c_JaffaCakes118
Size

210KB
MD5

7374402f72f6c4a79761a83cd5c4c59c
SHA1

11452b867559e666f65eb63d24848646139cbe0d
SHA256

1f9294f88ac1051de35490bbd1e94ff855d46ebf60ac544b95e1d0f539c8c869
SHA512

47ffe8448c4709103df63ac0b1b0ec59842b95fea1dafa031b854027e659558606fd7a540984a66d79fe0e1ab198bf92e416a12922c4eb0171acdf7bbbab7521
SSDEEP

6144:dwMncVBKNrULUWI06smhFz21AWq8y/eYfp:dwMn0BKiLjIXsmhAACop

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7374402f72f6c4a79761a83cd5c4c59c_JaffaCakes118

Files

7374402f72f6c4a79761a83cd5c4c59c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e809f28e6e44d2530ccb33e51a417cef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

netapi32

Netbios

Sections

CODE
Size: 202KB - Virtual size: 608KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE