9662d575eaa80df94c0467b31b4e8e1b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9662d575eaa80df94c0467b31b4e8e1b_JaffaCakes118
Size

243KB
MD5

9662d575eaa80df94c0467b31b4e8e1b
SHA1

933ddde5756754987d9a9a70686326e760c94a2a
SHA256

9ce617769691fae72331152dea7867f965721277d3cc34bb5dcb32b9e68934e3
SHA512

c40619c1714758808580f924e0b2f54c9e6b4fd8cbf30b6fb27c787f46ab83bff21bec90f0fdc250f521bcd8374de9521a47a25d934a6d07db955a728bf0f172
SSDEEP

6144:grEJtD5mU0gv1Me7YuIz4IyYVVzrVBM8s0PX+3/mSUCl:grEnD5mU0Xe0rMMVnEbNJl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9662d575eaa80df94c0467b31b4e8e1b_JaffaCakes118

Files

9662d575eaa80df94c0467b31b4e8e1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22e4a6ae17d2ec1694277f2389b042d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

mpr

WNetCancelConnectionA

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoUninitialize

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

wininet

InternetReadFile

Sections

CODE
Size: 228KB - Virtual size: 676KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE