d7452bb83eba2707c5333fd9c54f2156_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d7452bb83eba2707c5333fd9c54f2156_JaffaCakes118
Size

66KB
MD5

d7452bb83eba2707c5333fd9c54f2156
SHA1

b7ff8723421fa7f4189a8471b1c0b3a065acbce0
SHA256

8d14e6e5247408a6e9b4795e7c95c70bf58e69f988ab49e61fffd7fa868c8cb1
SHA512

9d0cad98643a384c8a02280d9c0d3dc366495e5971db2b1f60a77e58fc91e4157ec93303f573ccad3ef3322e197cb3804a8b2a1783bf3bb5b8cb53dc7efb87e6
SSDEEP

768:S8SCfWvzFfUPmZ/aFqx+Hk6n9rqdruCGhDwZenBaAgVhnGDS779CqpixgAUlF7zW:bSCerxFNmHt9rQrgBaoDG9/paRS1zgd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7452bb83eba2707c5333fd9c54f2156_JaffaCakes118

Files

d7452bb83eba2707c5333fd9c54f2156_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9a1c5d869ec4841b1d15ff64a71b707

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

wininet

InternetReadFile

shell32

ShellExecuteA

Sections

CODE
Size: 36KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ifc
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE