04308b760f74c996a9d5392d3ae1d40f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04308b760f74c996a9d5392d3ae1d40f_JaffaCakes118
Size

539KB
MD5

04308b760f74c996a9d5392d3ae1d40f
SHA1

8fd470d7f98eeb6bc2bcdebbb8cfa1378373ca91
SHA256

743e6b118f7c430a9cdafdc19f51eecf8c1195d3e7df3b304b79bcf329628738
SHA512

b56d04cc7ec03321d1390dc08e506906add364d012054c2a381cc2f54e9fe788250797a9d5dbfaddc1b925b57c6d1ade880b1d5922c8e4abd8f448a227094dcb
SSDEEP

12288:4vIGI/z/ce/oOIbvzkuMnSjrHU0BerPVwHsfbRH4qdkt:4vIVL/r/+7EncBerSHsJ3dkt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04308b760f74c996a9d5392d3ae1d40f_JaffaCakes118

Files

04308b760f74c996a9d5392d3ae1d40f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3149696fc279d59c8d3080a6e23b6ae2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

shell32

SHFileOperationA

wininet

FindNextUrlCacheEntryA

urlmon

URLDownloadToFileA

comdlg32

GetOpenFileNameA

Sections

CODE
Size: 504KB - Virtual size: 10.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE