fe6248f3b39ad15d7dd24512d0a1437e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe6248f3b39ad15d7dd24512d0a1437e_JaffaCakes118
Size

55KB
MD5

fe6248f3b39ad15d7dd24512d0a1437e
SHA1

787e5298bfcd55c5469e305175bb0bdbc2c8228a
SHA256

42770fe2b8aeb3894bdc1fbf12b2892002c20176de370dc7d47cf7ed57a83962
SHA512

e4875bf710a42ec60660d8d9f2938d0cbaf8eed4b0aa02d102131e3000c7798d655df36fe7c9f22425203f4c5980964e729e4fdc26f7882c05b15ae7103227b7
SSDEEP

768:lEtZK8niXo/+c4/Z3lr3vS2988RLuEGyozOFrB1NmT465G/Gn9/Wl665Nmclqn/7:itpnMDpp98IEGB1NmscG/OVgNmXj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe6248f3b39ad15d7dd24512d0a1437e_JaffaCakes118

Files

fe6248f3b39ad15d7dd24512d0a1437e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4083ffa19bdcaa817fb6739d3db64c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetVolumeInformationA
GetTempFileNameA
HeapFree
LockResource
CreateFileA
SizeofResource
FindResourceA
GetSystemDefaultLCID
ExitProcess
lstrcatA
FreeResource
CloseHandle
GetWindowsDirectoryA
lstrlenA
GetLocaleInfoA
GetTempPathA
IsDebuggerPresent
SetUnhandledExceptionFilter
LoadResource
SetErrorMode
CreateDirectoryA
lstrcpyA
WriteFile
MoveFileExA
GetProcessHeap
DeleteFileA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind

user32

wsprintfA

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyA
RegCreateKeyA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

urlmon

URLDownloadToFileA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ