88c8e8ba9b5c296920fa5d43799545ea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88c8e8ba9b5c296920fa5d43799545ea_JaffaCakes118
Size

82KB
MD5

88c8e8ba9b5c296920fa5d43799545ea
SHA1

564b9f5a5385a8578944abedcc0f2a4afd780d10
SHA256

6f3b8250a8b3c1ba08d1a0e86d96ebba1157d49f4b791c7136e1f5625e4e2934
SHA512

4362f32310c05a699bf0685251c5dc2dd20c8943e099a6d0edc88e322ad3f2df25d074a16a665d47ef222690dde737739293a2f455c89b4b9c5c75ce07b20cc0
SSDEEP

1536:F1L5+lzIWcbHqa6q+e6CxPuyUG+E3eKcbyaQ7ZiLJl8k6cnI/rAjoZn:LLGsWczAq+ox2ZKeKYWAT/nIsj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88c8e8ba9b5c296920fa5d43799545ea_JaffaCakes118

Files

88c8e8ba9b5c296920fa5d43799545ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

935fca4d18d739f0316205d6b9e8907e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

shell32

ShellExecuteExA

wsock32

WSACleanup

netapi32

Netbios

Sections

CODE
Size: 74KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE