d0b95ef99d8e32e0b5af91e871806b84_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0b95ef99d8e32e0b5af91e871806b84_JaffaCakes118
Size

211KB
MD5

d0b95ef99d8e32e0b5af91e871806b84
SHA1

19bc236867f958901d87e69ead94d84c284375d7
SHA256

71dbd1476e43c8c662d7424417fde3440923b44aafdb98d68b77fcdf02cee82a
SHA512

18a97e064e487173763d18d468fe689d21f4a4c9e856c661b10a00766b3c48e109b02a3dc88e964aed0e9ed92d17c89d3c33b9e6f89c103dcf45494d72c9a6e2
SSDEEP

6144:hwCRXzVE0Yk86u15rX6okkbQJ2UJe6ede:6CjCk86urKZ+Doe6ede

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0b95ef99d8e32e0b5af91e871806b84_JaffaCakes118

Files

d0b95ef99d8e32e0b5af91e871806b84_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c55d58516ab8b94df1945dd02ca3b318

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

Sections

CODE
Size: 203KB - Virtual size: 460KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE