a4364a106e8c291bb012a67bb746ff84_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4364a106e8c291bb012a67bb746ff84_JaffaCakes118
Size

186KB
MD5

a4364a106e8c291bb012a67bb746ff84
SHA1

c02c24cce5a7acd9404d9d407802ef3ea03d1bcd
SHA256

df1aba657f102960129d592405c1ba3d7e45906634a919481061c4ac75f84d85
SHA512

8d17c57c22ab5e8f620b7835c742d0950b20a223a28ee1e0498bdb314e456a3d268d1db99b055ce6b4953696ea5580cb246ed782e3a1f4f31ae2863f9011fc7d
SSDEEP

3072:LLjUOv4+UHIhaHeIl1Wf0Q6P3Ohzn56Zv+WVcknMDSoaulq6e76ZdEYzlCD1:f5/7haHex8PP3KznA+WPnMxaD6e76ZZU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4364a106e8c291bb012a67bb746ff84_JaffaCakes118

Files

a4364a106e8c291bb012a67bb746ff84_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4a2a2ab80f9b09e15889d0279e84614e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

MessageBoxA

advapi32

LookupAccountNameA

ole32

CoCreateInstance

ws2_32

accept

shlwapi

PathFileExistsA

dnsapi

DnsQuery_A

shell32

SHGetSpecialFolderPathA

msvcrt

_CIfmod

oleaut32

SafeArrayAllocDescriptor

Sections

.MPRESS1
Size: 175KB - Virtual size: 408KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRES87
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE