87ad82503bb0f458cf62cb08f765fc0a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87ad82503bb0f458cf62cb08f765fc0a_JaffaCakes118
Size

363KB
MD5

87ad82503bb0f458cf62cb08f765fc0a
SHA1

0dc5cd81b2a54739aa146570d192f71b0ce23817
SHA256

0fc3dc5f9143554ee3392126924009bd281ebe5e3274d287899f4e1c303381eb
SHA512

3c4b8bc167acb2b145ce170f904cf4c46fd67c29fca7ce79816121029903870494e8e5b867ec314ff84efe2a1f68d20d9822ce15b238f2b0c9a2e2ba1c912c05
SSDEEP

6144:lAG8pbBgFs9cXe6usw8vctkDMN9C+lP/z+KPKroFDqUyMwv+xQD:lRusZiN9C+l3aKCr3b1J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87ad82503bb0f458cf62cb08f765fc0a_JaffaCakes118

Files

87ad82503bb0f458cf62cb08f765fc0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c55d58516ab8b94df1945dd02ca3b318

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

Sections

CODE
Size: 353KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE