c973da726220c09fdebbf38263f7db97_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c973da726220c09fdebbf38263f7db97_JaffaCakes118
Size

1.7MB
MD5

c973da726220c09fdebbf38263f7db97
SHA1

09ffc9998a1b9fb60c7e7c68f627201d8ff42f45
SHA256

82ff1c20dfdbb68b9bf3d592c81d66cceea1f4ed6f0bdda20db404fd72de6ccd
SHA512

aec4e974b320adfff57309228a13ada117301b7d51fe849cac9fe0adcd7fc1be8287f7116e444c697aa8e09d6518a450f84569baf0cf575da4d195d906f16160
SSDEEP

49152:Fx+SnThxkKFNxH6F55pvtfSavKVMlC5E/:PNThxkKFNEFtvtftSDc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c973da726220c09fdebbf38263f7db97_JaffaCakes118

Files

c973da726220c09fdebbf38263f7db97_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac518dcdd3f8245ce238de0e5fe6e6ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

msimg32

GradientFill

gdi32

UnrealizeObject

version

VerQueryValueA

ole32

CreateStreamOnHGlobal

comctl32

_TrackMouseEvent

urlmon

CoInternetCreateZoneManager

wininet

FindNextUrlCacheEntryExA

shell32

ExtractIconA

comdlg32

GetOpenFileNameA

Sections

.text
Size: 1.7MB - Virtual size: 22.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE