5e5e55de1809e0e6c1c445ce6d9ba554_JaffaCakes118 | Triage

Sharing

General

Target

5e5e55de1809e0e6c1c445ce6d9ba554_JaffaCakes118
Size

225KB
MD5

5e5e55de1809e0e6c1c445ce6d9ba554
SHA1

bcd31361519a80072ed714a499eb390930c178b9
SHA256

70ec0c2e0c67594f82d5339b831b3e277d5aa4f95fc845a81a3b56204b2a9a11
SHA512

3332f9656aa6462d3b543fda30f50c2f09b0aa0f41eb287db5ebcb87072a36df26927bf8c9257fc572181a299e29395efc9d80ba6a928f72e558e4eeb38a15a5
SSDEEP

6144:bFpaENSH3B/HQ2QLCGdouu7Zuj98j1xRQeE6CDMY1:/aEEXB/HQ0GuHZujejKeExDMe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e5e55de1809e0e6c1c445ce6d9ba554_JaffaCakes118

Files

5e5e55de1809e0e6c1c445ce6d9ba554_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de0178cf4f3580c336129b8a94fdb6ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CoUninitialize

comctl32

ImageList_SetIconSize

shell32

Shell_NotifyIconA

wininet

InternetCheckConnectionA

winmm

PlaySoundA

Sections

CODE
Size: 186KB - Virtual size: 512KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rorg
Size: 25KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE