fe5cc3b50351284e1f0788289ab6b764_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe5cc3b50351284e1f0788289ab6b764_JaffaCakes118
Size

241KB
MD5

fe5cc3b50351284e1f0788289ab6b764
SHA1

638c81cabd2b05be7617c7f0a6f9d0f920e43241
SHA256

30a1b985d288ba4bc4daa1083e38b1546a0f89d504e5c387450e0c7dbeae884f
SHA512

ed4a0fd332f6b0fd149bc204286507543531d43092d82bb36c432d96a3ac8867bc7e4c499d694fc24e43805039b4e7d5ec93dbc876cd3a05f72cdbaa6527e3c3
SSDEEP

6144:qga91jB8oM3oFYwYYyCEfT6MaYHdkoP3krMxTmO1yhvIB:qga91jzMYe3/6jwjP3kr4SgYA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe5cc3b50351284e1f0788289ab6b764_JaffaCakes118

Files

fe5cc3b50351284e1f0788289ab6b764_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41507753530d76bf751bd1509806ec8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

Sections

CODE
Size: 234KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE