bfb58cf0cb1ea40e40b78f73715274c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfb58cf0cb1ea40e40b78f73715274c2_JaffaCakes118
Size

322KB
MD5

bfb58cf0cb1ea40e40b78f73715274c2
SHA1

6f2260a9d33ffef54477c630ca24d1fbe5aced13
SHA256

069e3430f6575c7b44f37ace309cf41448c0d067e326cb3a2921fbdeb809a202
SHA512

d3c764cda8b5147d608f9dfabc36d4bd06dea3b2cc13e4204b26a0903c5ca37904266ce44e001d03a6bc7c1b342fdb9a3080c223d57326a1e8d4aaed590eeb84
SSDEEP

6144:XqKGtXUy60zhR6tGorr0nPjA5Vj7gIAIigfC91ArERspcR:6KGtXUy6O5qr0SjkVTAri3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfb58cf0cb1ea40e40b78f73715274c2_JaffaCakes118

Files

bfb58cf0cb1ea40e40b78f73715274c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d763060a6da95035bb4aefce43f0ae33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

wininet

InternetGetConnectedState

wsock32

WSACleanup

Sections

CODE
Size: 309KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE