b06eb72e16c7b6cfb04a9603e0c21aac_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b06eb72e16c7b6cfb04a9603e0c21aac_JaffaCakes118
Size

816KB
MD5

b06eb72e16c7b6cfb04a9603e0c21aac
SHA1

f2d0b8afb4a840f68a973a6c838cd5bd79c73080
SHA256

c679e2d6af1574325e001ea7664247d647110b77f45f0c8a74572421541bb604
SHA512

39ac6076ae0d6c70889407ea0b11ca764a76dac79fef6d2dca9150c7d3f479dd6b32a18b5fef9f115392ca08b21691f6165bbec87450e010021a88d7e96d20c8
SSDEEP

12288:tJXkq72aq54p10Xt5b8fBG4Y5T8zWqTmOOBQI64liJl9kMdiOBuRiDeqNLzL5ua9:tJXkPaq54pkuIQz4liJl9mOPnHLwa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b06eb72e16c7b6cfb04a9603e0c21aac_JaffaCakes118

Files

b06eb72e16c7b6cfb04a9603e0c21aac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43d84983dccd48e4c4d7426d4e451fd5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

wininet

InternetGetConnectedState

wsock32

WSACleanup

Sections

CODE
Size: 802KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE