d31199a9fae7e0eff791cf4eedb2afbe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d31199a9fae7e0eff791cf4eedb2afbe_JaffaCakes118
Size

608KB
MD5

d31199a9fae7e0eff791cf4eedb2afbe
SHA1

65c93ce569f00b9d3530e1e07f8248653cdd432e
SHA256

b5be2d7818cf64aecbabf7579e65d72c2bda3008da0f6f2400dbca4635edc915
SHA512

10474339c56de3ec64e2d61de15c615603d049544941c435c3ef908e8ab1711f04fd55cbe85e2fe29de962519c1ccfb99ef915b8d6b2dfc3d09174fe48b2a3eb
SSDEEP

12288:gBnzxqSnbJZiRG2J5nsxvNGtKenmcdrmoOc1bIWouK:gFzp2Xnsx4K+mcdrEc1b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d31199a9fae7e0eff791cf4eedb2afbe_JaffaCakes118

Files

d31199a9fae7e0eff791cf4eedb2afbe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae2d80b9fe337e042cec25d3858035fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

shell32

SHFileOperationA

wininet

FindNextUrlCacheEntryA

comdlg32

GetOpenFileNameA

netapi32

Netbios

Sections

CODE
Size: 572KB - Virtual size: 11.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE