373ffa76c98831f226574d5415cf256e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

373ffa76c98831f226574d5415cf256e_JaffaCakes118
Size

48KB
MD5

373ffa76c98831f226574d5415cf256e
SHA1

c2ab3ad76b557692414c27fc3c64de7dd7de529f
SHA256

d65b91477cd43d557216fee98efc44f758b2a423ec860d09d9c25d0b284bc4ae
SHA512

e2610779d2da048706243283638c3e4806170ad84f516eb40eb04a346293b8a8d678b93207df0954fa3e0d4c27ecc330dff0402843553b134c76c7b11127ed5a
SSDEEP

768:zQkMpzx0hObFllJNNjSig/NlkOqyxeureunneuIytcStnb6Xn9UguclUblFq:D6zxQwnTPW/NlTqocSZbtalU3q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
373ffa76c98831f226574d5415cf256e_JaffaCakes118

Files

373ffa76c98831f226574d5415cf256e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37f3cd05a4ed0aa309b2569719cfa873

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

wininet

InternetReadFile

Sections

CODE
Size: 18KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE