d6778266eb56f0b966ff8635bda4b844_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6778266eb56f0b966ff8635bda4b844_JaffaCakes118
Size

302KB
MD5

d6778266eb56f0b966ff8635bda4b844
SHA1

a72b81c6ed1eb026320ea0ed104e54c55225b13c
SHA256

75a34b5173e7971e602b7e8f97e5acbcba2e489fcd3e4433fa555f129798276c
SHA512

aa4f8dc480a1a655260c5845682eb93a54728d82ec620472e849b14940dec59703d23e57cfeaf0ebdf578568c6ac4ed94e9b4bb93438c5b89ae73b1ea16a29f8
SSDEEP

6144:41M1eP3SKDecCqJbJb9lnjjUgN7PESNeH9Kx+iJl1le6RMTKmBHBmAn9o0:4iQfSS3bHjjxNl8H9gnl1le6RMtBHBmo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6778266eb56f0b966ff8635bda4b844_JaffaCakes118

Files

d6778266eb56f0b966ff8635bda4b844_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c55d58516ab8b94df1945dd02ca3b318

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

Sections

CODE
Size: 188KB - Virtual size: 968KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE