95f6416f0da94ff3e4298060e3d0d45c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95f6416f0da94ff3e4298060e3d0d45c_JaffaCakes118
Size

1.1MB
MD5

95f6416f0da94ff3e4298060e3d0d45c
SHA1

775f015005eb8b15bb539fd64248752b872ef4cb
SHA256

1a6dd6ab981f0e95afb4ed02c0f501448a5610bb5cf6fd2f3e8f28bf88b1cbf6
SHA512

dd912fa067c810f02d9edf520f58a8b28db0225f45a1fb974aa4c3e8ecec9a3885ed1a0a89287da8a24f6e113e25b5610868d7178d457394a52e38539f6aa552
SSDEEP

24576:lpzGGGIvmKOTQEmHF8fftQ8vol+tRE2hfmGNihf4gZ:mGeKOTQVHFC/ver2kwg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95f6416f0da94ff3e4298060e3d0d45c_JaffaCakes118

Files

95f6416f0da94ff3e4298060e3d0d45c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e681782dd44e1779626e89d07ad64c8b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

mpr

WNetGetConnectionA

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

IsEqualGUID

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

comdlg32

CommDlgExtendedError

wsock32

WSACleanup

Sections

CODE
Size: 978KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE