6c3d2ca34c017b32e2c4c8fc96b11fb3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6c3d2ca34c017b32e2c4c8fc96b11fb3_JaffaCakes118
Size

684KB
MD5

6c3d2ca34c017b32e2c4c8fc96b11fb3
SHA1

7d54c36e9fc5e0bbb2b1b6cdcbe5a34d64b148c6
SHA256

8eb294a84b19b1e598753a0f5439ac695b26da4f1c17987745d2d525780bafc3
SHA512

7789b83d6fc741d261483dc90078511750a16bae574c125c601616871c6e8c52ebecf42b2f936ca0cb4309f7983aee17a56918639cae0cdd02dca0e66c808c01
SSDEEP

3072://ehKhPM/et4hBOJRYz9W45phPXYFzst+GKf0NKbbm4WrkzxpdhSWShA799pjjSj://ZhU2t4COI45fPfSfb55hSWSy9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6c3d2ca34c017b32e2c4c8fc96b11fb3_JaffaCakes118

Files

6c3d2ca34c017b32e2c4c8fc96b11fb3_JaffaCakes118
.exe windows:6 windows x86 arch:x86

a1e1606e81836327f44566497e783da0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

FreeSid

user32

GetMenu

shell32

ord165

ole32

CoInitialize

oleaut32

VariantChangeType

shlwapi

StrChrW

comctl32

InitCommonControlsEx

urlmon

CreateURLMonikerEx

msi

ord141

crypt32

CryptMsgClose

version

VerQueryValueW

wininet

InternetCrackUrlW

Sections

.MPRESS1
Size: 84KB - Virtual size: 876KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 595KB - Virtual size: 594KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE