d5ce24c9abdad7cd9164327c9394c16f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d5ce24c9abdad7cd9164327c9394c16f_JaffaCakes118
Size

66KB
MD5

d5ce24c9abdad7cd9164327c9394c16f
SHA1

4183d4240cb828b489afe45d85e2e839ae9fa0aa
SHA256

69af8f806087efe05351c7652e5090ee292b8791d389d55d9fc918220bf55b4e
SHA512

d50d00af686029b1402a53338ef6d4c32da1c236843d4f5b445c93948d9bfba3b8212b00a8ea11efc6a700974c828aca197b7a851ef50d76179e07c555dea553
SSDEEP

768:dsG8gah4IUzV1BCexS5tMbiSdsXhxiFEg1Q5mHGuGZZ+0TcLwXmqyZIcSjNkwkX:d04IYf7QtMb3SxEEyGdTcLJmdjNkL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5ce24c9abdad7cd9164327c9394c16f_JaffaCakes118

Files

d5ce24c9abdad7cd9164327c9394c16f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cfef8918eb06fe9cd292b786655a4658

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

urlmon

URLDownloadToFileA

Sections

CODE
Size: 36KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE