e8425787b42fefa0d9dafbee23eb8043_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e8425787b42fefa0d9dafbee23eb8043_JaffaCakes118
Size

24KB
MD5

e8425787b42fefa0d9dafbee23eb8043
SHA1

d19397aacb5c0a725a0257bde5f049f45c5419be
SHA256

6ec13fba9a9f1258e9a2ed84d0f245683e7517c3cc2f9d18fb83b8f909e9fb8d
SHA512

1dd035dbf1b326f4fca0abc8447482bd7bf1b5f42a76f4489c670a8daa5fc767685564c0bd354301807b100a81fb71c7b1910213498a999c5272ecbaba9e98c1
SSDEEP

192:Gmyfw8sKmWOMACC+cTycWS9XhYIIoh+yerQXKHIXIywqmZBdZDFIpj4uB3ewjpXD:ny1hGSSRYII/cmlUj4whyy71rh6o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8425787b42fefa0d9dafbee23eb8043_JaffaCakes118

Files

e8425787b42fefa0d9dafbee23eb8043_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6c0704c82ac117db0cf210dc248318ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
FindFirstFileA
GetWindowsDirectoryA
FindClose
CreateFileA
Sleep
GetLocalTime
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
GetStringTypeW

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE