fd77a702337b1ad508f943cbc82563f6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd77a702337b1ad508f943cbc82563f6_JaffaCakes118
Size

153KB
MD5

fd77a702337b1ad508f943cbc82563f6
SHA1

f5bed8b6b12965f68be8188ace8dd54697c647e9
SHA256

061e595bef281c6408dfc4cc5871ac8030a81d54e385bf45f5b64d3b5ef4b447
SHA512

22ba180ab2567775e077bdeb350a191382d42289ad7e57125ed6426286ca1cf8781c10a03925e3cd1531f9e226ade32c8c73bb38487beb70b630582ace661589
SSDEEP

3072:T4jqDOAnJZE+6vGMWq4E1wTakIfWeW2Fsn85bCpzA8xOE3Y:TUDb+6Oq4E+TsDj3ok81

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd77a702337b1ad508f943cbc82563f6_JaffaCakes118

Files

fd77a702337b1ad508f943cbc82563f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2bbddb8c010773f04c2d9dd29668462

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

Sections

CODE
Size: 140KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE