a75618b4628e2c3045d4db56c99fc9bd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a75618b4628e2c3045d4db56c99fc9bd_JaffaCakes118
Size

342KB
MD5

a75618b4628e2c3045d4db56c99fc9bd
SHA1

99956b9d7888b99fc333b2b08d5806ec38020d6b
SHA256

4299d82b6c06ae64c09bc7527914117bda922ecd85a42b7daeb9caa00cba9a4a
SHA512

96f535960361229e495dd0e8300d512e2f346eaff4a15b1b1a266bfcf3dbafb4b007de0ffd111580c978c20dc5274f9718ce4098dc10ae0c6dc641fb557619f9
SSDEEP

6144:kqk30W1/DqgRAuRR2c+pg7R8tyTgy1zhuiSPzWXWJfRkc137ybu8PKg7W756xfR:kqk30krKSR5CgTLlRh6RkI37cPKg7k6x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a75618b4628e2c3045d4db56c99fc9bd_JaffaCakes118

Files

a75618b4628e2c3045d4db56c99fc9bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

176e5634a9192989e23533b0d4145ec3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoTaskMemAlloc

comctl32

ImageList_SetIconSize

shell32

SHGetFileInfoA

comdlg32

ChooseColorA

winmm

timeGetTime

Sections

CODE
Size: 326KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE