290b85a8dff5527ded5a0c5c8f542446_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

290b85a8dff5527ded5a0c5c8f542446_JaffaCakes118
Size

17KB
MD5

290b85a8dff5527ded5a0c5c8f542446
SHA1

9d311586a8b5cf79a54df3889c0cd7831fd411a5
SHA256

32ef541b64303126127b7de9bf14261c3e1286c4416e87306eb291ac1c9462b5
SHA512

d91540e867ac40c719d894488d176e277a9f6070c8b43e7c57832146632a6bcd85ce8eb064430eb02fd1a0e4cf3268ccd95854a77dbbff12944a6f8dcfbe49f3
SSDEEP

384:9QgPLKTboJFyq+ChKyPe7zR1acbvS02clZIEJ74910F5CDfVV:NzKIJFyqazkLlI7oefuz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
290b85a8dff5527ded5a0c5c8f542446_JaffaCakes118

Files

290b85a8dff5527ded5a0c5c8f542446_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d71c649b1127cbae74adf0157dc7d19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ole32

OleUninitialize

user32

GetDC

oleaut32

SafeArrayDestroy

advapi32

LookupPrivilegeValueA

shlwapi

StrCmpNA

wsock32

send

rasapi32

RasEnumEntriesA

gdi32

GetDeviceCaps

Sections

Size: 13KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 64B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE