9e8d71d4ddebd57f08e71dc00c67c179_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9e8d71d4ddebd57f08e71dc00c67c179_JaffaCakes118
Size

36KB
MD5

9e8d71d4ddebd57f08e71dc00c67c179
SHA1

648a872002db8adc4ac482114a22773f4dd7eab1
SHA256

ef68ad63e76e788c2f1b38a5ebaabeda1bfb57f5615c09c5a22c7453957f7cab
SHA512

cef68697bf5fb3f150b53ef2689924ce17307c7d0c329aaf380dc54c443e8d5a6bd855842c6fd147f4fb72065d7efe2dd0cbc497ce9859f00a15b3bd4b363471
SSDEEP

768:4dDnIHOCOK8VrXINQwucKtQcF6OJ7H8Tc:4dDGZVKXINQwu/QJO5Hl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9e8d71d4ddebd57f08e71dc00c67c179_JaffaCakes118

Files

9e8d71d4ddebd57f08e71dc00c67c179_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4877f1a713bec231d0eaf2e4033a6ae3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__commode
__p__fmode
__set_app_type
_except_handler3
_adjust_fdiv
_controlfp
_stricmp
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
strstr
_CxxThrowException
__CxxFrameHandler
strrchr
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc
free
realloc

imagehlp

MakeSureDirectoryPathExists

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

kernel32

CloseHandle
GetFileSize
ReadFile
HeapFree
IsBadReadPtr
VirtualFree
VirtualProtect
Sleep
GetProcessHeap
HeapAlloc
LoadLibraryA
GetProcAddress
OutputDebugStringA
CreateThread
GetModuleHandleA
GetStartupInfoA
CreateFileA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ