08b039df5dbb109f36801c8602f9aa7b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08b039df5dbb109f36801c8602f9aa7b_JaffaCakes118
Size

132KB
MD5

08b039df5dbb109f36801c8602f9aa7b
SHA1

7f69073ae1f8901c2d2f1f8a7ab150bcb06eda4c
SHA256

c148f55a9b61538b7873deb881836e7c664417181668647cbe9f659a4e7d4f18
SHA512

f3610ce32e6545b40bf43533a081ccb76308122c772fd0e8364e3215fd7bd0ae40f8e430ae11e1a1997ec827d389fcf5f3a1c63ae3a650327321dc664c9d3f89
SSDEEP

768:5C6KN54C7zFrbng8qDTSBSK3hZGU07P6eAxAQLKhCHhJ2iA:5nKNWEzFrrgpDTTKnpQP9AaRwHhYp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08b039df5dbb109f36801c8602f9aa7b_JaffaCakes118

Files

08b039df5dbb109f36801c8602f9aa7b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c42bf4107481f4960a34f220d5944482

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

shell32

ShellExecuteA

Sections

�
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE