fdbf0f4d11ea6b20c768e37446ed193e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fdbf0f4d11ea6b20c768e37446ed193e_JaffaCakes118
Size

32KB
MD5

fdbf0f4d11ea6b20c768e37446ed193e
SHA1

4c46e9a8246d6175e7b77c787347fbf149bf2bd1
SHA256

8617b96e963a936f5d00a6bc6e52f128b31a74f70f200654b26561ad4c731e42
SHA512

97045964f5115a8c4d0d728fefaebd3f66d579c7e30d3cbb80ed1c67f99e224f0addc91b67fcf8a775243253d91bb52dffb2e07960f07d322eef2b3f6295bc37
SSDEEP

768:oa+sIts1Py4mCr08/aJMQh8b/PHu1l19oVHzdshh1:ottsU4xJkM68DPOehWhX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdbf0f4d11ea6b20c768e37446ed193e_JaffaCakes118

Files

fdbf0f4d11ea6b20c768e37446ed193e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

50e1c90c5c0e333c4943c753097b4df8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvcrt

??1type_info@@UAE@XZ

rasapi32

RasGetEntryDialParamsA

ws2_32

gethostbyname

wininet

InternetCloseHandle

user32

wsprintfA

advapi32

AddAccessAllowedAce

shell32

ShellExecuteA

oleaut32

GetErrorInfo

Sections

pec1
Size: 23KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE