a512d302b9aec3105d0eb30f7450150e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a512d302b9aec3105d0eb30f7450150e_JaffaCakes118
Size

937KB
MD5

a512d302b9aec3105d0eb30f7450150e
SHA1

a87d2da6870162a57b6eb1355f03a375fdd6d4e7
SHA256

088ac0119ad7b69b7a0e53ff8f82359e7b856b191fa6ae888861e6ab0d5a1e54
SHA512

951ca6d749701620f49a99642078f226926e0233d46617834029ce7359b784ab1db99b85c2405c6f3b7f3a9eb97aee48a8f6700fd616de22859fe68974119dfc
SSDEEP

12288:vWir/DlNGVzMvwKE5aWq1dsQdiQtPt4OPmpSZcOnorm5MiueLBJ8HWRiOYoueNxM:vdNjE5csgBtPtHPLbozWRi3ouytuH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a512d302b9aec3105d0eb30f7450150e_JaffaCakes118

Files

a512d302b9aec3105d0eb30f7450150e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

00735ba36775272111aa4c70ffa57000

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

wsock32

WSACleanup

winmm

timeGetTime

Sections

CODE
Size: 926KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE