a42e5811d07627d593b16f03a587c155_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a42e5811d07627d593b16f03a587c155_JaffaCakes118
Size

3.0MB
MD5

a42e5811d07627d593b16f03a587c155
SHA1

983e1cd2343ddf64bd60b9fd5e6f62e0799781c2
SHA256

45d9f732c58a70ef48d90273d05f49c7d905da9bcacce5189ac062ccb2753e89
SHA512

d3a88b63217f6fc99f359f6edaf7dbaf8a51f4e961f5e625daa6fa9c3ef2007528c8471a4013371d326e1cc404e33dce3b049a38ff9ce12393e3b1e9d34f627f
SSDEEP

49152:D7ekARUkUL59zeAU27o96mapNh99JqR7GJZZdI/tjdkme46aUd6OF0CZ7GFq4sTW:D72R3geAUMw6majxJqR4DdIvkmr6Vr7E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a42e5811d07627d593b16f03a587c155_JaffaCakes118

Files

a42e5811d07627d593b16f03a587c155_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b6ffb9014d502d1650226318aef9871f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

wininet

InternetGetConnectedState

Sections

Size: 3.0MB - Virtual size: 12.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE