ede7fd69cff6570e6e7351bb5c73bca6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ede7fd69cff6570e6e7351bb5c73bca6_JaffaCakes118
Size

44KB
MD5

ede7fd69cff6570e6e7351bb5c73bca6
SHA1

5aec4ffbf6fd424b686b82413f6d291238265c65
SHA256

248353e558a96dd0c2e264af43c0cf29a0a458aa1f4941eeae9026e88ab74e63
SHA512

a18771767428b4aab23bd93b9819ef025676e4b92f4840e07ad478d7c9b2255cbe4c392eabeca2b31cc44c0e8dcc935a8330a2265e61034b6af5da655fd34fb0
SSDEEP

768:8916aoqUs48KCTcjEjrHx5660mAzwtRhCZtxFdvoxMwWr1iQEaZrBnhanm2pLQIL:Ok35jWR56gQtxPaeoqYmhIRd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ede7fd69cff6570e6e7351bb5c73bca6_JaffaCakes118

Files

ede7fd69cff6570e6e7351bb5c73bca6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1900879c98b4a96d399d6ce626330c68

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

urlmon

URLDownloadToFileA

shell32

ShellExecuteA

Sections

CODE
Size: 34KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE