fa8b78dbbf39deb00ecc69a654cdc5f5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa8b78dbbf39deb00ecc69a654cdc5f5_JaffaCakes118
Size

275KB
MD5

fa8b78dbbf39deb00ecc69a654cdc5f5
SHA1

d279449a710ec069e9a0c4fe3d98f9f2a17e920c
SHA256

11532b0c783a1dbcf4a3e3cc24e0965d8bd73fd1b3279d049fc2c8f90cecb369
SHA512

69b522140fa6e6206664b550b7585c2090ea6829420ab64ef55f48b0ee50d39ccd49b12dd2a8056fcff58f692b33395adc3b3bf9a610e9d105cd26aec451724d
SSDEEP

6144:dnSxmzApDLt+Ns6nkVAceUH3kWHkfM+Ed4LHNBdFDBUS0Ml/G:dWT/tus6n1UXk0Th4LrdFDBUSvl/G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa8b78dbbf39deb00ecc69a654cdc5f5_JaffaCakes118

Files

fa8b78dbbf39deb00ecc69a654cdc5f5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a7029f59b8d9d194731060fb40463d21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExW

user32

GetKeyboardType

msimg32

AlphaBlend

gdi32

UnrealizeObject

version

VerQueryValueW

ole32

OleUninitialize

comctl32

InitializeFlatSB

shell32

Shell_NotifyIconW

Sections

.text
Size: 262KB - Virtual size: 920KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE