5bdea2516c701c2fc49b15c25de9ac7f_JaffaCakes118 | Triage

Sharing

General

Target

5bdea2516c701c2fc49b15c25de9ac7f_JaffaCakes118
Size

209KB
MD5

5bdea2516c701c2fc49b15c25de9ac7f
SHA1

e38d4b295f23f1e00bcfca26f582004dfa9b728a
SHA256

5f6b406910efe9695b71fe329f88b236ded2e049213629e5ccd6806b8b30fe0f
SHA512

f7e5212c7ec3cbb5094363f93f96b9ab684f8e7c0eaeb255053dac96a14520810db68c1f98c5b0d88db3f104fb1ce2ecd5a6062a85aca782f201a9301fd8662e
SSDEEP

3072:CzzyuHBVB9IEwV9W2IE+696cyHQd7LyzmYZuVGXatnpITxG9haNb4nMpmQquFVPw:cvHBNwIEzqiy3CeaH6xGGgrtiVKndL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bdea2516c701c2fc49b15c25de9ac7f_JaffaCakes118

Files

5bdea2516c701c2fc49b15c25de9ac7f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fac9171c6632e7c99e49e2a467178ca7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

CharNextA

advapi32

RegCloseKey

oleaut32

SysFreeString

mpr

WNetOpenEnumA

gdi32

PatBlt

ole32

CoInitialize

wininet

InternetOpenA

shlwapi

PathFileExistsA

shell32

ShellExecuteA

avicap32

capCreateCaptureWindowA

Sections

.TaoTao
Size: - Virtual size: 508KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.298341
Size: 208KB - Virtual size: 212KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE