ba022ae58b49fa3c154b670e32e04a16_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba022ae58b49fa3c154b670e32e04a16_JaffaCakes118
Size

3.6MB
MD5

ba022ae58b49fa3c154b670e32e04a16
SHA1

bf8ed49e2f506051535678a62d3f5c8fa2aae80f
SHA256

533634ecc6dc796ead243dfd7c95b64df7dacca51e5ef95c9c7447258514a53a
SHA512

d896b9c88914d70c11332b8f4f97cbdf05358eb59c8f678542886f6dfd457c2cd1c989a6629848f653d729f55a547bb533d70a8fd5ff7beb9ca2598227e75bb4
SSDEEP

98304:yjFS/QglXcoLWXPGmv30PapuX2+5rHZ4UIqs:US/QglXcoLWH/0ZN14C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba022ae58b49fa3c154b670e32e04a16_JaffaCakes118

Files

ba022ae58b49fa3c154b670e32e04a16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7c160e6486e1bd9ca4789af81fe20cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

wininet

InternetGetConnectedState

urlmon

URLDownloadToFileA

winmm

timeGetTime

Sections

CODE
Size: 3.5MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE