83a95cd3f7cbdbd6928d5aa79270fa69_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83a95cd3f7cbdbd6928d5aa79270fa69_JaffaCakes118
Size

265KB
MD5

83a95cd3f7cbdbd6928d5aa79270fa69
SHA1

46fc4f9fea00a374ab1fe1fb49a0a5a1555dee99
SHA256

40a47a91c7fb5328c411e4054b99f9a7b0c4c259a75987b1716f1f27a75edc3b
SHA512

e0f4a4d304f14db7520889ceb797eb9c029276b159721f9a19bfb689a2f38d9ce734d43dbf17c185452eb03ac50ff2c9dbefc5485226f5b41ff8f39c88d47a61
SSDEEP

3072:M4G50xkFOVS6B6/hF37Y8iHe9IQna6U746M3rbUyqtSsUGt2jg7aj3ItlaYORrdM:RG5fFG9BYh1cixtdrr2Uw2U+j+QdM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83a95cd3f7cbdbd6928d5aa79270fa69_JaffaCakes118

Files

83a95cd3f7cbdbd6928d5aa79270fa69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34e29d8b110954003ed333b9891c3802

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoTaskMemAlloc

comctl32

ImageList_SetIconSize

shell32

Shell_NotifyIconA

wininet

InternetQueryOptionA

urlmon

URLDownloadToFileA

Sections

CODE
Size: 250KB - Virtual size: 788KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE