04ad12a90cedd99c2bdb2421068a323d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04ad12a90cedd99c2bdb2421068a323d_JaffaCakes118
Size

274KB
MD5

04ad12a90cedd99c2bdb2421068a323d
SHA1

8ae9419f9fbb78a75d2772e519415605f258327f
SHA256

e2c8fe7cbc28fc07adaad67a838147dd50fc571d3f9b9824b3c9628e9d2ceb6b
SHA512

c5670af04ed83b8f7f3d4e6ac79557575bb1d55c1edea70dcbdec62d29e674f7693edef318e931f4e68555ff80d22f77b33d590b2f1f4d6de119793ff13f4052
SSDEEP

6144:0f5OJXg/zSSA2b+xQtOctBBewRe4wLCP8as+:QiXg/zSO+xQtHUwReXCPds+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04ad12a90cedd99c2bdb2421068a323d_JaffaCakes118

Files

04ad12a90cedd99c2bdb2421068a323d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41507753530d76bf751bd1509806ec8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

Sections

CODE
Size: 267KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE