3e127775e46c46988de270b627b942dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e127775e46c46988de270b627b942dd_JaffaCakes118
Size

1.7MB
MD5

3e127775e46c46988de270b627b942dd
SHA1

6c58b23130346210fe977070ca2787e285a677b9
SHA256

710f471854333b2b418a76540a4bc88b1854272040690f13ee1270cca7fee22b
SHA512

aec6815aa6ecad5f2ceace0de4c3750722f930d80551641360ff94ffb5e699670a909102fdc60ffe981c12af63e83a97bf2c0a2c28b144107ccfbb6bb4006ba0
SSDEEP

49152:bew4wxsfmunnd6uJ99rfghfGlK3LNLRpTpx91RFfba:bewbs+uN99Ih+w3LNNXlDa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e127775e46c46988de270b627b942dd_JaffaCakes118

Files

3e127775e46c46988de270b627b942dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

098779ac65ddff7cdbfb21ba18d843d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

gdi32

UnrealizeObject

version

VerQueryValueA

mpr

WNetOpenEnumA

ole32

CLSIDFromString

comctl32

_TrackMouseEvent

comdlg32

GetOpenFileNameA

Sections

.text
Size: 1.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE