fa16ef80fa4cb44d19c55bd53eecc606_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa16ef80fa4cb44d19c55bd53eecc606_JaffaCakes118
Size

1KB
MD5

fa16ef80fa4cb44d19c55bd53eecc606
SHA1

a65c1d16ffd661511b5c9aee26b99a8dcb6b539f
SHA256

013da892e7ac4caa44750cb07a33442712d5a54ec5f293fc755328789a4f3e33
SHA512

dce7000eb06ac87ef585f229e30d5a8cb353ba1a40e0164dd1f1ec535781bfc5ac1942fcef4766ca13f392db7d90f766b98c9ff173b4061d9d8782a3541ce91d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa16ef80fa4cb44d19c55bd53eecc606_JaffaCakes118

Files

fa16ef80fa4cb44d19c55bd53eecc606_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f1225317ca77fda6eababab2f5ce8484

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateThread
DisableThreadLibraryCalls
FreeLibraryAndExitThread
GetTempPathA
WinExec
WriteFile
lstrcatA

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile

Sections

.text
Size: 476B - Virtual size: 474B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.import
Size: 436B - Virtual size: 434B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 44B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ