Static task: static1
Behavioral task: behavioral1
  Sample: 2804a090737d3aaf87d5dff9a8966bf1_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 2804a090737d3aaf87d5dff9a8966bf1_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
General
Target: 2804a090737d3aaf87d5dff9a8966bf1_JaffaCakes118
Size: 86KB
MD5: 2804a090737d3aaf87d5dff9a8966bf1
SHA1: f8673fbb90d54574b55c032620f92990f1f20800
SHA256: 5a2a0651d4008613ffa41a30d4bd052af8e3ed80cb3d0668871f6b328ceddfea
SHA512: 90d2d88a0fbfbc6147648df3ed54f04491b7548edc78d4190f62128a7c81db17a5e1a0797c716fb11ea42f045112dfd745ce6bd7f46d46a794ad003565a7ebef
SSDEEP: 1536:ANKDUqc0EOui3L5Zo+DaFpUowyT6w486yvRP+H4SOJcN/KmIrg:ANK9cSV39++DaFpUow9w4OvRq/OJisg
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 2804a090737d3aaf87d5dff9a8966bf1_JaffaCakes118
Files
2804a090737d3aaf87d5dff9a8966bf1_JaffaCakes118.exe windows:4 windows x86 arch:x86
5ebb2b3c3540b117fec7845326afa2d7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  LoadLibraryA
  GetProcAddress
  VirtualAlloc
  VirtualFree
  ExitProcess
  GetModuleHandleA
msvcrt
  memmove
wsock32
  closesocket
user32
  GetClientRect
gdi32
  SetBkColor
advapi32
  LookupPrivilegeValueA
shell32
  ShellExecuteA
urlmon
  URLDownloadToCacheFileA
version
  GetFileVersionInfoSizeA
wininet
  InternetGetConnectedState
ole32
  CoInitialize
oleaut32
  VariantClear
Sections
pec1 Size: 55KB - Virtual size: 140KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 120KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE