e1998fccbfc9baf4bf35f940d32dc39d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1998fccbfc9baf4bf35f940d32dc39d_JaffaCakes118
Size

164KB
MD5

e1998fccbfc9baf4bf35f940d32dc39d
SHA1

12c597581d7ca9f103383c94484c2084eefd9bec
SHA256

00cf29b46565021d9027a32a3b52749c3179053bad4f8818583f11a5c8c08ae7
SHA512

33ac7c650e85dc253ad139c7eac8afc21c40640d4902248d13cce3baf9278f686f8680d7b8c5b87c4394c9fe82b095f0c23bb6ae94025dac9636798cd8d35e6d
SSDEEP

3072:vEGhU5vVYSAZ60BxtS/dKIyIeD5flgdOsycHxR+bAPSBX/:vEGgEgdKIY5l3sfxR+bLBX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1998fccbfc9baf4bf35f940d32dc39d_JaffaCakes118

Files

e1998fccbfc9baf4bf35f940d32dc39d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd755f0bd6c6325507b97d09eabbc9ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

urlmon

URLDownloadToFileA

Sections

CODE
Size: 156KB - Virtual size: 408KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE