cf5d91e2ffcc23fbca8a1ecec96f491d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf5d91e2ffcc23fbca8a1ecec96f491d_JaffaCakes118
Size

59KB
MD5

cf5d91e2ffcc23fbca8a1ecec96f491d
SHA1

0092754b2a7b8a7fcadd2a5cff65f79ff4f17665
SHA256

f4338db34120d2e521e1b88614389622b6b77c3d8c1393084fabea0cabcc22b0
SHA512

c9944271f035bcce8d1189a0a45c8da74bd0cefaef5202abee6546dd54dce3a7cee96859e2988e0136e72fafa42b6ce18670cd9c37bf697216cb6bf83adaa3d4
SSDEEP

1536:MVjxpy0zT6XgPQd317jJc5fDSZCRxkY9AS0:kyWwgYdF7wRxkY9v0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf5d91e2ffcc23fbca8a1ecec96f491d_JaffaCakes118

Files

cf5d91e2ffcc23fbca8a1ecec96f491d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eda4bd47bb6610a91ac595f4d7eb0333

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

wsock32

WSACleanup

shell32

ShellExecuteA

shfolder

SHGetFolderPathA

Sections

CODE
Size: 53KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE