fa95ddfbc705367311f67aab83bfea36_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa95ddfbc705367311f67aab83bfea36_JaffaCakes118
Size

19KB
MD5

fa95ddfbc705367311f67aab83bfea36
SHA1

3ba0201184c9d0d38d32603e8e6c242f57c3594d
SHA256

ab1779fa66003e45f622ffaa132be57d8460d4435d91a070804e91bcb88335c4
SHA512

9e2c8a881f1a54162b946890622dac0546208b4a9b2c70bdc0e80a01b19d2daf7c24ddd30ca70e72709e2534d9266ba532da93fd75bd6605b9a74282319cb535
SSDEEP

384:ksm2EgMVlsN6HM1kbtSk4faTjROSB1hihQ2xk3NY1gYnX8rLi4:Tm21qlQg0kZSMT8S8QWSN210LH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa95ddfbc705367311f67aab83bfea36_JaffaCakes118

Files

fa95ddfbc705367311f67aab83bfea36_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0e488d12e75932de6131e40a5debaa3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
GetModuleHandleA
GetProcAddress

user32

IsWindow

advapi32

RegCloseKey

msvcrt

exit

wininet

InternetOpenA

ws2_32

gethostbyname

Sections

.text
Size: 18KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 17B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE