0eefaa21fa2bcc54072fb0ff7c5a1051_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0eefaa21fa2bcc54072fb0ff7c5a1051_JaffaCakes118
Size

206KB
MD5

0eefaa21fa2bcc54072fb0ff7c5a1051
SHA1

0b13045259b2ddfdd218a247964f0a674dc458a2
SHA256

bdcfa11162dea69d517266ad6b2498517a4175d6903b54bc2261b37e1d66a82e
SHA512

a7dcaa898b10d2377e1793de3009797bbbc6e96f4d0e331f4550189f80d2fe12db3fbdc2796fcf7fe40cdf1987be208fd91c14395dd3e67f41feb25526a00f71
SSDEEP

6144:LjG0XuQTTQ16ld4yVhxj3pxsSNCam8bLIEx6lE44:/G7QTTQAdvVh6j58bLIPS44

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Keygen/keygen.exe

Files

0eefaa21fa2bcc54072fb0ff7c5a1051_JaffaCakes118
.rar
Keygen/keygen.exe
.exe windows:4 windows x86 arch:x86

29db3ad3a02b4808b1332e0e02883a01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

TextOutA

msimg32

AlphaBlend

Sections

CODE
Size: 200KB - Virtual size: 472KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Популярные программы для OS Windows.url
.url