07e0f98a11dbbedadffa01a532471022_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07e0f98a11dbbedadffa01a532471022_JaffaCakes118
Size

538KB
MD5

07e0f98a11dbbedadffa01a532471022
SHA1

9e9fadaf8f320d29b5fe9741e4fa7d1bde29b4b8
SHA256

2553be2a5c7a21de957616c03174471fc709e379d9e0d285a1ea2f6a686d0817
SHA512

b6a1d7f3b18f0dfa74d13e69817150a24844c136fce9a7ac0533a389bdf85bc5b2d5f0c4d80b5722f0fe5a6b24db77e83a612ded7af0c9d93d0e1c734800bf96
SSDEEP

12288:aM4vdq1kwjdewDd9TLCQVfFkPR1jRn3DKifr1CajlZPNv7+y/SRi:CvdqawrDdlWydyRL3DFfNTTSR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07e0f98a11dbbedadffa01a532471022_JaffaCakes118

Files

07e0f98a11dbbedadffa01a532471022_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a83ac250ba95ef84d499b749b553e2c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

RegQueryValueExA

comctl32

ImageList_SetIconSize

comdlg32

GetSaveFileNameA

gdi32

UnrealizeObject

oleaut32

SafeArrayPtrOfIndex

user32

WindowFromPoint

version

VerQueryValueA

Sections

CODE
Size: 501KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE