8ba7df2033970d939feea24a999a1948_JaffaCakes118 | Triage

Sharing

General

Target

8ba7df2033970d939feea24a999a1948_JaffaCakes118
Size

155KB
MD5

8ba7df2033970d939feea24a999a1948
SHA1

72535ce808f0e7d36d21660f3ddf1252512d6dd8
SHA256

2d0c0109549aaf19e9fa8a7259effd1e0d960af40d131254e3aefef295e7cc63
SHA512

b191bdb036841c911df3205beac05cacd17359a9883b9be41605d79e0c5a393b9483061674aaea752e392209a2c7f0a446df26816625691731bd9a2841cec5d8
SSDEEP

3072:cjjuFXbAVCFYLYlucjSWrvnou0Vy4LoRn9Y8s6CucNVJk3Kg:cjatbFYNcdrgu0Vy46n9Yl6C/CK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ba7df2033970d939feea24a999a1948_JaffaCakes118

Files

8ba7df2033970d939feea24a999a1948_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd755f0bd6c6325507b97d09eabbc9ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

urlmon

URLDownloadToFileA

Sections

CODE
Size: 137KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE