b08b37cd086ee036fb0086e38a222ad1_JaffaCakes118 | Triage

Sharing

General

Target

b08b37cd086ee036fb0086e38a222ad1_JaffaCakes118
Size

133KB
MD5

b08b37cd086ee036fb0086e38a222ad1
SHA1

b8456d0082954e7b41d71e894f794c8fd5317580
SHA256

dbe71c8883e80f6812b8e6bad2377bdc7f0fdc000c75879ea4f30bc861da9933
SHA512

74b845dda5b6f43361a832c553c3b5d0d082ad7a98aa11e1a291063e3bb536f4340591f6982c512cb52ede9124450e1396156ec73de480e70ccc38e30dfc366c
SSDEEP

3072:b9bCsGPgKI1pukEqNWUPtApKS7Srx5T1n7CmA+aNXNqZ320meivGzYnjEie:bxCsGPgLMbQ7PapKvrx5T1n7CmA+aNX6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b08b37cd086ee036fb0086e38a222ad1_JaffaCakes118

Files

b08b37cd086ee036fb0086e38a222ad1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b953bd590d714aa1bf235b7a23ea642

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

shell32

SHGetSpecialFolderLocation

wsock32

WSACleanup

ntdll

RtlFreeHeap

iphlpapi

GetAdaptersInfo

Sections

CODE
Size: 127KB - Virtual size: 384KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE