8720faa0c5041bdb4fdb0db7272b1b0f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8720faa0c5041bdb4fdb0db7272b1b0f_JaffaCakes118
Size

2.0MB
MD5

8720faa0c5041bdb4fdb0db7272b1b0f
SHA1

11f7e280c950d91a174c47811c108cf07b2640ab
SHA256

e48c9f42e0f1614d05eea62f5fb751c77d114ef6a6183c2bf7ac00647e17e744
SHA512

3ab35c1764e5a09287a9c2f3ab4a63e7645cb7c8cedbe2a4a9e285b41a296375aeec954e49eb17abe6c0cf706dff31a22d2f790fc82eb0701813101be4e7bed2
SSDEEP

49152:S44WSDV8NsRCIjZlCfHtik5EEUe7fLOHAAe:R4HVXRDrCfHtoBqLOgp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8720faa0c5041bdb4fdb0db7272b1b0f_JaffaCakes118

Files

8720faa0c5041bdb4fdb0db7272b1b0f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81922e20f281fffb01f5336f60e5630f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

msimg32

GradientFill

gdi32

UnrealizeObject

version

VerQueryValueW

mpr

WNetOpenEnumW

ole32

IsEqualGUID

comctl32

_TrackMouseEvent

urlmon

URLDownloadToFileW

wininet

DeleteUrlCacheEntry

shell32

Shell_NotifyIconA

winspool.drv

OpenPrinterA

comdlg32

ChooseFontA

netapi32

Netbios

Sections

.text
Size: 2.0MB - Virtual size: 7.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE