829374f4ae5cecf8acc6131b160ec405_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

829374f4ae5cecf8acc6131b160ec405_JaffaCakes118
Size

172KB
MD5

829374f4ae5cecf8acc6131b160ec405
SHA1

9bf69db60904fa96300820a77b584bdab9715e5c
SHA256

859d353d25dcdfe9fea4c79063f33f5ed64f028c394e22b3513db1a4289ff596
SHA512

43dffe62b604ac4ce1e8df4a03290e7b64b67419ec25b1cb4c5ed627c82d1c9e59b6b0b9bbf314efcb0175c83d38eabe73289875e45df12b2a2a8f5426942293
SSDEEP

3072:WWpEFlgV6Gwb0VZM6BEpGHqCSZAbOTFZdhV4fsLE:gFD94LPBQOOTF5VZE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
829374f4ae5cecf8acc6131b160ec405_JaffaCakes118

Files

829374f4ae5cecf8acc6131b160ec405_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57afac84db73d1ece27aa86a7f71ac83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CLSIDFromProgID

comctl32

ImageList_SetIconSize

wininet

InternetOpenUrlA

urlmon

URLDownloadToFileA

Sections

CODE
Size: 162KB - Virtual size: 476KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE