0c7de0b3a384478ee6e0e663f5baae44_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c7de0b3a384478ee6e0e663f5baae44_JaffaCakes118
Size

11KB
MD5

0c7de0b3a384478ee6e0e663f5baae44
SHA1

98ed8b8507c8ef947b9244d49ca26b8730139291
SHA256

06b5610c4e97ebbe001aec00aab9f2e2cb23b52a4c2d50282ba30828cff4a44d
SHA512

e3c112463c8f557262ffbb039a3d09639682fff62195a3c331556b57d32882707ea85684fa8875d95b187a4a2be03838e8405067bad409fb4dd0ef85280766bc
SSDEEP

192:3LgXZaAWSNbCjzrO4DTIJdU5UGmYjsmEYZamsczbNf1Dp81nLWHd/5UiK:3LoaJSNbafO4DTIJFGm4hEEZzPDOLW9B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c7de0b3a384478ee6e0e663f5baae44_JaffaCakes118

Files

0c7de0b3a384478ee6e0e663f5baae44_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf851331cedb63934da55ae745414aca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalReAlloc
GetTempPathA
GlobalAlloc
GlobalFree
CreateProcessA
lstrlenA
ExitProcess
WriteFile
DeleteFileA
CloseHandle
ReadFile
GetFileSize
CreateFileA
Sleep
GetVersionExA
GetCommandLineA
WideCharToMultiByte
MultiByteToWideChar
SetFilePointer
CompareStringA
GetSystemTimeAsFileTime

user32

wsprintfA

wininet

GetUrlCacheEntryInfoExA
DeleteUrlCacheEntry

urlmon

URLDownloadToFileA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysAllocString
SysFreeString

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1002B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE