839a5d534aa6bbe4fae50f6e980c5c65_JaffaCakes118 | Triage

Sharing

General

Target

839a5d534aa6bbe4fae50f6e980c5c65_JaffaCakes118
Size

315KB
MD5

839a5d534aa6bbe4fae50f6e980c5c65
SHA1

8dae94452642f13ce53f88b9c4c0f067570b08b7
SHA256

2a82d95f92950fd16954a62bdadd5561c3fe9b33cf73eb07bffeaa8c90d84831
SHA512

4d97b9fee213c720f4c6b9e2281bc19e87901370c35c55f9f6f3b4df4bcf9212b032a75881938017c32acf9ef48cf055b85b358f48e567014fb0ed434e5ffcf7
SSDEEP

6144:Hj0+eYALZ9ES52h0t78IW3B6GQmCb98lW9EIoI1nsUprgfLDn0sKj7c9XOd:D03BLLF5248I5XpWTIoI1sUJgfLrBs79

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
839a5d534aa6bbe4fae50f6e980c5c65_JaffaCakes118

Files

839a5d534aa6bbe4fae50f6e980c5c65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54092356b6b4737e0a3a4b32e4e0487f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

comdlg32

GetOpenFileNameA

Sections

CODE
Size: 300KB - Virtual size: 752KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE