Static task: static1
Behavioral task: behavioral1
Sample: 5d673af0c6ab560296bbf4fb8253589e_JaffaCakes118.exe
Resource: win7-20240704-en
General
Target: 5d673af0c6ab560296bbf4fb8253589e_JaffaCakes118
Size: 264KB
MD5: 5d673af0c6ab560296bbf4fb8253589e
SHA1: 6a6ef5f5f0aa768a43c5fea880d8751a0ee404a4
SHA256: 68e0fdd41412bf43f1633b43aa08f4aba379858e2de40acdd8dba58a4ff93113
SHA512: bad34ecc9c5b7d82f95eb93b3398cba608ad4f50ac056f072fdee4bd0556ab073f3d3d3a32aedd4071cd8a7c105d6a2bcb5644bf0dbcdc3c7154c39f248dc37f
SSDEEP: 6144:9Z7R/oluiy/RVUio0vdUw/Z/1L/Z3bDO+orgqCnMGv:9Z7OoiyJVdvd9/nLhrDcTCnFv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5d673af0c6ab560296bbf4fb8253589e_JaffaCakes118
Files
5d673af0c6ab560296bbf4fb8253589e_JaffaCakes118.exe windows:4 windows x86 arch:x86
22d6128a0108d84c8aec682e6a542f65
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
oleaut32
SysFreeString
advapi32
RegQueryValueExA
user32
GetKeyboardType
gdi32
UnrealizeObject
version
VerQueryValueA
wsock32
__WSAFDIsSet
shell32
ShellExecuteExA
ole32
CoTaskMemFree
urlmon
URLDownloadToFileA
comctl32
_TrackMouseEvent
wininet
InternetOpenUrlA
winmm
waveInUnprepareHeader
netapi32
Netbios
gdiplus
GdipGetImageEncoders
ntdll
NtQuerySystemInformation
NtUnmapViewOfSection
ws2_32
WSAIoctl
msacm32
acmStreamUnprepareHeader
shfolder
SHGetFolderPathA
avicap32
capGetDriverDescriptionA
Sections
.text Size: 224KB - Virtual size: 728KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 39KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE