a12753b617ba8f36f3f5cd1a51189c7a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a12753b617ba8f36f3f5cd1a51189c7a_JaffaCakes118
Size

157KB
MD5

a12753b617ba8f36f3f5cd1a51189c7a
SHA1

b8f917ee10650f16ceb4b01ebc602b90d497e298
SHA256

969fce4a7614b44f2afdb10d888dd2e8b4051f084dfd374247576f0399ae35e9
SHA512

051b6ded148db5e01a6e9d17254e9fd945854d72abd2902562920eecf97170a8145a6063ef38cd29e4228f9c540e19127ff65adc8adda15412af76d7be5555d0
SSDEEP

3072:XLP1X4DaFrEUn/ykGPiRYhwhD9PU/Zji+1KIVQBbJ:bPcadT/KaY8GZj3YIW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a12753b617ba8f36f3f5cd1a51189c7a_JaffaCakes118

Files

a12753b617ba8f36f3f5cd1a51189c7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41507753530d76bf751bd1509806ec8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

Sections

CODE
Size: 148KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE