ffabe968053f48b496531bffb130ae81_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffabe968053f48b496531bffb130ae81_JaffaCakes118
Size

124KB
MD5

ffabe968053f48b496531bffb130ae81
SHA1

14de5bae7e727de53ed1b7df6d64730ecb3144a2
SHA256

d405aa7ee1905e0e87f3e8726a8af7a924970d41ea5281cd753f3f73db09122f
SHA512

eafbdbbd96518f3288d7ed1b502a544badbaac88133e6491a5ec501256cc0b384bfe2c94764b084589de27a49ba758e3c434c70557fe6df41f6c4cd72047692d
SSDEEP

3072:8ADXRzK3I/Ju4eOUmhXBtltAjxpsc9WacEcSMEG:ZXRzK3GM9d2XlqjwmWaB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffabe968053f48b496531bffb130ae81_JaffaCakes118

Files

ffabe968053f48b496531bffb130ae81_JaffaCakes118
.exe windows:4 windows x86 arch:x86

185d630245e526903a424747a5873f5c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FindFirstUrlCacheEntryW
FtpPutFileEx
GetUrlCacheEntryInfoA
GopherGetAttributeW
DetectAutoProxyUrl
GopherGetLocatorTypeA

kernel32

MulDiv
SetupComm
IsBadWritePtr
GetConsoleMode
LocalFree
HeapSummary

user32

CopyRect
CallMsgFilterA
AdjustWindowRect
CreateIcon

Sections

.text
Size: 62KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE