77c90ee9ab41cd2b430ccf9fec455e9c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

77c90ee9ab41cd2b430ccf9fec455e9c_JaffaCakes118
Size

273KB
MD5

77c90ee9ab41cd2b430ccf9fec455e9c
SHA1

4f08cb1e8154b51019c49008b0d61aadce0b3db0
SHA256

a96b690a2bd7c5c23ea80bcb2e29b30069e2cb07bb609187c495f631c0194c8d
SHA512

74bd58355b2fe541472817c2cd020319f03cc2d916bc4b707bfbd2b35017945d198d2d727f6c16b817c7761079287d5932e63a4aefb754cb5dca0041c3b3462c
SSDEEP

6144:q/dsFJ8B5u+i/U6DYkKzzeFcro8FPghgbK9q+bd3rSxSOH/0aSML:w2uB5u+i/zRKgcr8hguq+kc7ML

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77c90ee9ab41cd2b430ccf9fec455e9c_JaffaCakes118

Files

77c90ee9ab41cd2b430ccf9fec455e9c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f416b4d3776684df6779eeb22f09722b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UnrealizeObject

version

VerQueryValueA

comctl32

_TrackMouseEvent

shell32

ShellExecuteA

Sections

.text
Size: 147KB - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE