aad0fa77123a944853e5c571a441c8ed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aad0fa77123a944853e5c571a441c8ed_JaffaCakes118
Size

43KB
MD5

aad0fa77123a944853e5c571a441c8ed
SHA1

fd74f89bf04c13e288000d1ce3e7b03092d133ef
SHA256

66262df9bf790ce3bd1f845bcafe66a1980e02516a814d38ea0701813e3a47d4
SHA512

b3a862717e40f97c19bc989be3579585d109141920dd14aed28ee8666f1d3deb45d3eceaac25a35edbee7240d0363ab205afbffe065b6e2be656772a2dbd4aa1
SSDEEP

768:YlhJOke657lJcJy3cqpRSRn/wK1QCofk2TyS+9J4AYzfexkjTVw:uJT57lH3c4RI4KeCD2TySGRxYTV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aad0fa77123a944853e5c571a441c8ed_JaffaCakes118

Files

aad0fa77123a944853e5c571a441c8ed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41507753530d76bf751bd1509806ec8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

Sections

CODE
Size: 37KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE