60daea2b6ae922a4cd7a3bf51c7e2b57_JaffaCakes118 | Triage

Sharing

General

Target

60daea2b6ae922a4cd7a3bf51c7e2b57_JaffaCakes118
Size

53KB
MD5

60daea2b6ae922a4cd7a3bf51c7e2b57
SHA1

cb88113295901acf7d23e8c844e0bebd10a87b52
SHA256

fa959f924ea8a38788f07c654c01ca26653c9f41bb06994bf3f9045030eb9bdd
SHA512

208f1825323ad4575f808c5d6ee2338fe6206467033c52faf3e77855cc9960ee4d79261257d52cbd21c104814b1ad73e34250eddcf6d713f50b245ce2dfeea17
SSDEEP

1536:SyNGoFk3mZCKFCRhsv8DXWaaxge8WBxsG0YwAE7QW:SyN96mjFCRhJN+8Wr03p0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60daea2b6ae922a4cd7a3bf51c7e2b57_JaffaCakes118

Files

60daea2b6ae922a4cd7a3bf51c7e2b57_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d4b339bab42e849ba93549ff37e3541

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

TextOutA

shell32

ShellExecuteA

wsock32

WSAStartup

urlmon

URLDownloadToFileA

shlwapi

PathFileExistsA

wininet

InternetGetConnectedState

msvfw32

ICCompressorFree

avicap32

capCreateCaptureWindowA

Sections

CODE
Size: 46KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE