Static task: static1
Behavioral task: behavioral1
Sample: 0dad0c6429468124a48228944011ab55_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 0dad0c6429468124a48228944011ab55_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 0dad0c6429468124a48228944011ab55_JaffaCakes118
Size: 7KB
MD5: 0dad0c6429468124a48228944011ab55
SHA1: c0722e1c36fbc95eff262952a07a1fe38b38b40b
SHA256: 5c49d33bebff5bc7bfa27b85a99065792fc8a2a663c495a59185a552d2f2ec32
SHA512: 7c2675d36a6e5fe8cfdafef41a5da6c2ce8394d861576b4128f1607138e6e26f7df6ad4a228cfab2aedb593884ec22605781fc8c57715930c066f30d1e1e8465
SSDEEP: 192:aS85Zl/9KzgoZk7jkWt9dyyYU/lYwEJiD:QB18zZMddyyYUdYwiA
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0dad0c6429468124a48228944011ab55_JaffaCakes118
Files
0dad0c6429468124a48228944011ab55_JaffaCakes118.exe windows:4 windows x86 arch:x86
51b4a7cda29385ecc45455c634995f85
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameA
WriteProcessMemory
GetCurrentProcess
FreeLibrary
SetFilePointer
ReadFile
GetFileSize
WriteFile
SetUnhandledExceptionFilter
GetProcAddress
LoadLibraryA
GetComputerNameA
GetCommandLineA
GetStartupInfoA
GetTickCount
Sleep
CloseHandle
GetVersionExA
OpenSemaphoreA
GetModuleHandleA
ExitProcess
HeapFree
GetProcessHeap
HeapAlloc
user32
wsprintfA
advapi32
RegCloseKey
RegOpenKeyA
RegSetValueExA
shell32
ShellExecuteA
wininet
HttpOpenRequestA
InternetOpenA
InternetCloseHandle
HttpSendRequestA
InternetConnectA
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE