5b786fd7df26a6bc1ad9b2eb4cd493b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b786fd7df26a6bc1ad9b2eb4cd493b6_JaffaCakes118
Size

562KB
MD5

5b786fd7df26a6bc1ad9b2eb4cd493b6
SHA1

57069108e0bd952adf96b4f29f41035cdeb4d336
SHA256

0df80e5cfac75abd5e888a88da51bd78f493f4f527fb98aee7830c7ea27b0ab0
SHA512

4fe0ce3658da6a2160b6ff4ec9a0c8a4cc5d6e4781f4194dff8af19033cf9bbbf3cd71780fc2d49c2f1de47582c88a9a51b8068bbb87a48a4f61ad2a26b2a548
SSDEEP

12288:8KqiWE3TE8mstXqqelS+6W7RjfwHkJJLO/URbqBBa:8oLDE8NRO1flJQ/UB7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b786fd7df26a6bc1ad9b2eb4cd493b6_JaffaCakes118

Files

5b786fd7df26a6bc1ad9b2eb4cd493b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

95ea4f57c5d1818e26cb8502295452be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

memset

comctl32

InitCommonControls

user32

SetLayeredWindowAttributes

gdi32

CreatePatternBrush

advapi32

RegOpenKeyExA

oleaut32

SysAllocStringLen

winmm

waveOutOpen

ole32

CoInitialize

shell32

SHGetSpecialFolderLocation

wininet

InternetGetConnectedState

wsock32

closesocket

Sections

.code
Size: 547KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE