b9d660e7e612e400da4def53a1c34fce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9d660e7e612e400da4def53a1c34fce_JaffaCakes118
Size

156KB
MD5

b9d660e7e612e400da4def53a1c34fce
SHA1

df171177ad3376c063b6fbb3449f1bbc0d141e7f
SHA256

7672390600d2744253790d4e1bd4c49a9e6eb682303072ad454204b5eeba50b5
SHA512

77c6fa3f9a504a7dd3ad029a308a41a82f7d753138e4dd1ca00c41a03dc7446926029424ddb3f90a663979792f60a0c826a3c08d6df41d2b652c0985d015b9de
SSDEEP

3072:TfGuvJZnD/PduaFj7MtfPB5locoi6wyX2oTpmSnbrrhM0ogJo1QDvTAoiq:Te6Dd3jYtfPblLoi6w8/nbhM0ogJoCDp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9d660e7e612e400da4def53a1c34fce_JaffaCakes118

Files

b9d660e7e612e400da4def53a1c34fce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2bbddb8c010773f04c2d9dd29668462

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

Sections

CODE
Size: 143KB - Virtual size: 428KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE