Static task
static1
Behavioral task
behavioral1
Sample
5f60c1a020fccb628b6bad5d65883825_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
5f60c1a020fccb628b6bad5d65883825_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
5f60c1a020fccb628b6bad5d65883825_JaffaCakes118
-
Size
232KB
-
MD5
5f60c1a020fccb628b6bad5d65883825
-
SHA1
6ebe76cf9690ab847ab3e39af910e962785809a5
-
SHA256
ce674ac815ee91153c4ec0de9f79175c3f62e56d64d3ddb8355bf733ba15cd0e
-
SHA512
17995bab0cb2b69e168c7ec5b9be8fbefdc05e0363a4b10e9b62ea9d6f8c7bb9b460f8bc920c06be5a42c94c4501718049ca2e08802b88642054c064362c92c4
-
SSDEEP
6144:9sSfWa8OqCjE5TWTpxU8f6eSNEkFSi+8Y8vAb:BWzOqCjeT89e48v
Malware Config
Signatures
-
Unsigned PE 1 IoCs
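Checks for a missing Authenticode signature; the sample is an unsigned PE. Taken alone this is a weak indicator, since many legitimate executables are also unsigned.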
resource 5f60c1a020fccb628b6bad5d65883825_JaffaCakes118
Files
-
5f60c1a020fccb628b6bad5d65883825_JaffaCakes118.exe windows:4 windows x86 arch:x86
033bd97f399e2f964e0ec7d276c75f82
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
winmm
timeKillEvent
user32
RegisterClipboardFormatA
gdi32
GetViewportExtEx
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
advapi32
RegSetValueExA
comctl32
ord17
shlwapi
PathFindFileNameA
oledlg
ord8
ole32
CLSIDFromString
oleaut32
VariantCopy
ws2_32
WSAStartup
wininet
InternetCanonicalizeUrlA
Sections
.text Size: 111KB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 113KB - Virtual size: 116KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xIkUg Size: 7KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE