82090546793fb2c15b2585f879b804d4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

82090546793fb2c15b2585f879b804d4_JaffaCakes118
Size

210KB
MD5

82090546793fb2c15b2585f879b804d4
SHA1

733d9690af1cf414876020b5f6f5e4dd04c9d4c4
SHA256

a071ac733318c39a05b82a6ada53444e06e841ff477c657714bc640a6cdefd01
SHA512

522ed7c820c00fccb402944a1da1b64c0f382c7cd02defd3a3031aa0813a3ae3e35669b9d93268d84525fc0a1d3e02eff3b4a83ff6a3a3c92cc58db8c958f459
SSDEEP

6144:+O1MT9xL8GDx62FufiYUQowaOB70X+XbxdQhrFm:+O1GfIIo2FuKY0wapOXnQ/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82090546793fb2c15b2585f879b804d4_JaffaCakes118

Files

82090546793fb2c15b2585f879b804d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

04f65b42a376c63ba2f9e1d0008d3f08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

iphlpapi

SetIfEntry

Sections

CODE
Size: 199KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE