bdde1b4e95bbe1526bfedcd877a00ba3_JaffaCakes118 | Triage

Sharing

General

Target

bdde1b4e95bbe1526bfedcd877a00ba3_JaffaCakes118
Size

2.3MB
MD5

bdde1b4e95bbe1526bfedcd877a00ba3
SHA1

aba794fc0637c1f9d5962b88bf9d8c100d1b9c52
SHA256

e44e1fd0399efe49a5adac101fed1bc86c4e65468b79e7d5d73b2261aa2fb2ce
SHA512

ce994dc9212d3540aba1b66fea64828a8245ee150cc7941f42e393ab02b02a8771ee13c565109920b184a82edc1995ba744dd3b240fbd2b82cb7fa7ab4f9dd27
SSDEEP

49152:qhwf7hQMZcScIuXtvhgQI4qM18d6uFb2FBhL81qs7Wc7e4TrgzsfHu:qhwf7hczJL18djMFjL81jW8XggW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdde1b4e95bbe1526bfedcd877a00ba3_JaffaCakes118

Files

bdde1b4e95bbe1526bfedcd877a00ba3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fdc2223592abb92ff32da79920c228bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoUninitialize

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

wininet

InternetGetConnectedState

wsock32

WSACleanup

netapi32

Netbios

Sections

CODE
Size: 2.3MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE