Static task
static1
Behavioral task
behavioral1
Sample
0a87c1c7bf876a89480da82fee37bb9d_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
0a87c1c7bf876a89480da82fee37bb9d_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
0a87c1c7bf876a89480da82fee37bb9d_JaffaCakes118
Size
192KB
MD5
0a87c1c7bf876a89480da82fee37bb9d
SHA1
063f3874f64acf6275192c84b912541fac83109a
SHA256
9c23a0f101f0ea51040a0298f6308abf20f6612e37ab66e9cd73d12b4f764027
SHA512
ce3bfb422eb93fa658e39efd4ad46a5da030abe88099f1dfe1cc7c562aba1494f689da28c89ec0d9c444e420a4a11a6757ed2e83473d70fc2a635c70e16b8a0e
SSDEEP
3072:JL+BWLxBdlA0vjsO6pQtED//yJN0SJ+wYrmHraHGRZJ7DTBZHl+5:JLQWLf/jvjuCELjSJ+9mLaH+JLBZHY5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0a87c1c7bf876a89480da82fee37bb9d_JaffaCakes118
Files
0a87c1c7bf876a89480da82fee37bb9d_JaffaCakes118.exe windows:4 windows x86 arch:x86
fcbecabe3c079b63afe376a5b20361e6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipCloneImage
wininet
InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
kernel32
GetSystemInfo
LCMapStringW
SetFirmwareEnvironmentVariableW
GetLastError
SetStdHandle
LocalAlloc
GetProcAddress
GetModuleHandleA
InitializeCriticalSection
LoadLibraryA
EnumResourceTypesA
LocalFree
LeaveCriticalSection
GetShortPathNameA
DeleteCriticalSection
LCMapStringA
EnterCriticalSection
GetStringTypeA
ole32
OleSave
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
winmm
timeGetTime
timeSetEvent
Sections
.text Size: 117KB - Virtual size: 116KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 71KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ