07b1d709ac6063579f504d5039b9c88c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07b1d709ac6063579f504d5039b9c88c_JaffaCakes118
Size

161KB
MD5

07b1d709ac6063579f504d5039b9c88c
SHA1

7648123b00a46b0c7c0bb655acb9a5e443c066ab
SHA256

7ce44553bc7f50aea8e2161b9b46be12eebb7fc9740485640c3c219eead06256
SHA512

e29a510e0630742bbdc2537764d04d4804d0490a63d38e87762eae47b846b9d48f6d59da969752e59a1ada1609f341c65b9bf882578e70808f20c55201a84073
SSDEEP

3072:y8F0zDGhGll9O3eCl02Cyk64WlF8vsRHfcg3XjZ/2XXJP/UzwocAQwxOQzLEyK0C:pF6SGlnseAM64Xvs33XQntsMAMQzLEJz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07b1d709ac6063579f504d5039b9c88c_JaffaCakes118

Files

07b1d709ac6063579f504d5039b9c88c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72562c21745830d31343814dda230283

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

wininet

FtpPutFileA

user32

GetKeyNameTextA

gdi32

CreateDCA

advapi32

RegSetValueExA

ole32

OleRun

oleaut32

SysStringByteLen

Sections

.text
Size: 155KB - Virtual size: 644KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE