a8e248cea18d77dcc2fc3c8c952fe69d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8e248cea18d77dcc2fc3c8c952fe69d_JaffaCakes118
Size

72KB
MD5

a8e248cea18d77dcc2fc3c8c952fe69d
SHA1

84fc34ff59fe4824334f58240137b842f27aaf33
SHA256

9ef9735f0f3f37300fd4aa664499804a0f613ec0b94a984632aeea8f944b04ff
SHA512

1123e6b65de12c303b2ff71d8a5d30dbc2d15013c56791d79d6787f8bd604415211f9ee9dda16402daf2a7faf2b582237eb55d04957fffc8773dc8f3ef32a9b4
SSDEEP

1536:4cppqsVzbVLII1B9eOsscG5Qhb9gsWPRXxJq2:JppLFhRns5hb9gsWPBC2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8e248cea18d77dcc2fc3c8c952fe69d_JaffaCakes118

Files

a8e248cea18d77dcc2fc3c8c952fe69d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d88b7d839c8b0098f3516263870ac5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

FreeSid

user32

IsWindow

ole32

CoInitialize

comctl32

PropertySheetA

shell32

SHGetMalloc

wininet

InternetCrackUrlW

setupapi

SetupCloseInfFile

wintrust

WinVerifyTrust

wsock32

WSACleanup

urlmon

UrlMkSetSessionOption

msvcrt

exit

oleaut32

SystemTimeToVariantTime

version

VerQueryValueA

Sections

.MPRESS1
Size: 64KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE