Static task
static1
Behavioral task
behavioral1
Sample
06aa73c99e544d04b8eab16c7d4ce0d6_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
06aa73c99e544d04b8eab16c7d4ce0d6_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
06aa73c99e544d04b8eab16c7d4ce0d6_JaffaCakes118
-
Size
1.0MB
-
MD5
06aa73c99e544d04b8eab16c7d4ce0d6
-
SHA1
1cfd2de1c21c2932078a20392f8afdb506215ff7
-
SHA256
a9c7513c2f9283e84d70216d9cc7e9d985e85257890889a80b55fb0119606978
-
SHA512
dd0d2759587c3ec61123de50112f96353afd0ca2a5949bcc0d1b60a776d6fb2b6a737da3e7307b24e29c923a259fe4fb08ad543d1fb429d5b44b345a9482ef02
-
SSDEEP
24576:Hz0RROFTLsxdVZmJdqeQ1jvP76HEnPgkXSVhPrQVEUl/fH3meg:T0RMF+bZmuemj32jJVhPrDUlHXme
Malware Config
Signatures
-
Unsigned PE 1 IoCs
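Flags PE files that lack an Authenticode signature. An unsigned binary is not malicious by that fact alone, but its publisher and integrity cannot be verified, so weigh this together with the other indicators in the report.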
resource 06aa73c99e544d04b8eab16c7d4ce0d6_JaffaCakes118
Files
-
06aa73c99e544d04b8eab16c7d4ce0d6_JaffaCakes118.exe windows:5 windows x86 arch:x86
5d19772d7188180ec8c4d827abbc43b5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
oleaut32
SysFreeString
advapi32
RegQueryValueExW
user32
GetKeyboardType
msimg32
AlphaBlend
gdi32
UnrealizeObject
version
VerQueryValueA
olepro32
OleLoadPicture
ole32
CreateStreamOnHGlobal
shell32
Shell_NotifyIconW
comctl32
InitializeFlatSB
wininet
GetUrlCacheEntryInfoExW
comdlg32
ChooseColorW
gdiplus
GdipGetImagePixelFormat
winmm
timeGetTime
wsock32
WSACleanup
icmp
IcmpSendEcho
oleacc
LresultFromObject
ash_inet
ainet_InfoCheckSetProductLangLCID
Sections
TEXTICLE Size: 1001KB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 51KB - Virtual size: 52KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE