f1b42ab61f27e175135d53e88b7cb81a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1b42ab61f27e175135d53e88b7cb81a_JaffaCakes118
Size

11KB
MD5

f1b42ab61f27e175135d53e88b7cb81a
SHA1

b7556c5962022cd0ee4de430050ea39d194f579b
SHA256

b689c534541733430751e42cb188eaea690307ce19e2a7f6a27d897fb23b1e55
SHA512

8c1c03d1063563d59b0ae9c82dba0b84f9fdfdbff11fa9e08287de0d9afb5aca6a06e4d56fdab7c58e484262ce0bfb28011d1d931809a442e7792c1caa080c1e
SSDEEP

192:/Dz0T4pv0nUcsjJ062HR6fZAIYROtIZZgPRJ9lQsTZJATsyver:3G4pv3cKJ4RcZAIYRrZGPRJ9llTSs4u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1b42ab61f27e175135d53e88b7cb81a_JaffaCakes118

Files

f1b42ab61f27e175135d53e88b7cb81a_JaffaCakes118
.exe windows:1 windows x86 arch:x86

88b2079673cb819b21becf25281696ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ExtractAssociatedIconA
ILAppendID
ILCreateFromPathA
OpenAs_RunDLL
OpenRegStream

urlmon

ObtainUserAgentString
RegisterBindStatusCallback
ReleaseBindInfo
RevokeBindStatusCallback
UrlMkBuildVersion
ZonesReInit

Sections

.text
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE