5d58cbbb294b8869e62da1558042f78b_JaffaCakes118 | Triage

Sharing

General

Target

5d58cbbb294b8869e62da1558042f78b_JaffaCakes118
Size

1.6MB
MD5

5d58cbbb294b8869e62da1558042f78b
SHA1

0f1c88b1e6304cc4fe0e196d85e217d26e1b398f
SHA256

8fa2ea30c983fcccf825cf0983932b6cd834229b8e7ac11fa2060ca66c203c11
SHA512

506b97a2c3ea1b6cce3220efcef84470f8d11c21e34d25cd92c0757deb0be880ca3324c888deb45fac23986cb6e674a430502a210f9853000a9ce3613a36395f
SSDEEP

24576:qCVoOmFAR1NSYJv2vVRCn4dACvyj/dw6uXg/OL4d5IkvEOH:qeb+APIYJv2ds4dzyiQVWO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d58cbbb294b8869e62da1558042f78b_JaffaCakes118

Files

5d58cbbb294b8869e62da1558042f78b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

496a714a01474dd92f9c76fa0a1a6991

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

shell32

SHGetFileInfoA

wininet

InternetGetConnectedState

urlmon

CoInternetCreateZoneManager

comdlg32

GetSaveFileNameA

Sections

CODE
Size: 1.6MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE