5f3e2cac77760fe4224ddc7a94d406fd_JaffaCakes118 | Triage

Sharing

General

Target

5f3e2cac77760fe4224ddc7a94d406fd_JaffaCakes118
Size

302KB
MD5

5f3e2cac77760fe4224ddc7a94d406fd
SHA1

5fddace169e4d70fd4fbe6d635ce6099e1f92dd5
SHA256

714cc23a79812901427fdc06cdf6a70ad7f2f0d73923b0b2eac9c22946d02800
SHA512

d57537f1aa76c3cdd6056c369fee387fc4544918cda84ea8cf34150db8de8548e501b06df43aaa151692ccc8f16090d19fece45f50fba5a74113c97670701ea5
SSDEEP

6144:D7SymAQVpE8eYqBiOCGvQEXHs2yX+Hd6Outk6S+D4HMK:/S9nX2dCGvbXsRX+HoxPSZR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f3e2cac77760fe4224ddc7a94d406fd_JaffaCakes118

Files

5f3e2cac77760fe4224ddc7a94d406fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab77e5643c7f3db8776dfe92e55aa85b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

shell32

Shell_NotifyIconA

urlmon

URLDownloadToFileA

wsock32

WSACleanup

Sections

CODE
Size: 269KB - Virtual size: 712KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE