787560ad1f04c9a151b4781522d3896e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

787560ad1f04c9a151b4781522d3896e_JaffaCakes118
Size

45KB
MD5

787560ad1f04c9a151b4781522d3896e
SHA1

bf96fecb96e93e9f2fae91172cf85c181b9c98e9
SHA256

6230c8a041eb36b6f768fabfef08b2f5c683430152afd77705ecef5228a9650b
SHA512

16d36e715705f2a72deccb22a8e79d86c79629cfcf5b227c705b5e551f56da29e9a588bf36e7690b74f4fc938b06ae65e21ccba5fc1a69f021ad72328f210087
SSDEEP

768:LwTukTPTBKhmGjam9HczJqoBRV+CsGlsdnBqhmef1hXLssk4fBf0YU7sw8XB:LKNTPmTczJZbXPsdVI1lLh1Ysr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
787560ad1f04c9a151b4781522d3896e_JaffaCakes118

Files

787560ad1f04c9a151b4781522d3896e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29d4d9a4e535bff721362e89820bef9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 39KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE