d136d818e9891edb71f7da505966ef74_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d136d818e9891edb71f7da505966ef74_JaffaCakes118
Size

263KB
MD5

d136d818e9891edb71f7da505966ef74
SHA1

c4bc8f8c933bec9b50bb615daedc5d146d273a1f
SHA256

7c8ca7a7479fcbb8bdd35487f758bbbb707a826ba5f8c828cdbfdade07307371
SHA512

f624b5525c8ecf435229147be913331203aa58651ea4fe5d704470ef714b3434c9530a020a0e68d196d8442e6dce59ba3526f13fa596b2f86bd3ed62abc70b77
SSDEEP

6144:x8wyl7QSknB1icDJTPTm195Xrf6YYELp8:GwyllknGcDdmNX1YEL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d136d818e9891edb71f7da505966ef74_JaffaCakes118

Files

d136d818e9891edb71f7da505966ef74_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5064f99dba54900478f2eefda0c31525

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

wininet

FindNextUrlCacheEntryA

Sections

CODE
Size: 177KB - Virtual size: 608KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE