d264a2a691ef6f5e0f69c46d611e7b16_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d264a2a691ef6f5e0f69c46d611e7b16_JaffaCakes118
Size

3.4MB
MD5

d264a2a691ef6f5e0f69c46d611e7b16
SHA1

e0ef7bcf3573c4f38a695def4cac8fd3605944a5
SHA256

a5257ba87275f676752d45d1d5ab86621e0c77ef783a0b0eae15f6d12202f176
SHA512

f04c5225b7faf2f5804e5778c659bdd07cbb5133d7750b3dffed6435e6631598043cd2ad2ca6d0c6f81795f8714ac285e6a50ed9383646877e514e087521768e
SSDEEP

49152:H9hjUXEFZmN5n0feCTLIql6ZT/nX4pAPRZZRSGxcwtGQarE26QH0DHEd7ROMFeLG:HvUUFZregIfF/cAn4w897gE7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d264a2a691ef6f5e0f69c46d611e7b16_JaffaCakes118

Files

d264a2a691ef6f5e0f69c46d611e7b16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4edd3d586f80688674526992434ba8ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UnrealizeObject

version

VerQueryValueA

ole32

CreateStreamOnHGlobal

comctl32

_TrackMouseEvent

winmm

timeGetTime

Sections

.text
Size: 3.4MB - Virtual size: 7.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE