0da3f50589e2f1c21fc72f7003d5c12d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0da3f50589e2f1c21fc72f7003d5c12d_JaffaCakes118
Size

445KB
MD5

0da3f50589e2f1c21fc72f7003d5c12d
SHA1

67e5317840ee7f213d85b5756e60e6a62558c4d9
SHA256

29a0fa3dc08ce1ff3d51be4c70c6a9c4dd45dcf7fe13949fad23ac6ed346541c
SHA512

51fb8dbbbad7792c7dc8ae5c409fafdf5c98bfc13c6de06930391691488db8eed0442e707fbe588fe1b733c7b102c3f77fa7c13905d6170a90684f3f63775888
SSDEEP

12288:q8iOEgKT72RC6a2teUdBJbdDB8Cmm0RV1YOZZNUnj:MSU2RNa8eUrd3j72VqKNUnj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0da3f50589e2f1c21fc72f7003d5c12d_JaffaCakes118

Files

0da3f50589e2f1c21fc72f7003d5c12d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13d5dd27b3ef901f1225a2c6aa0cd171

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtAllocateVirtualMemory

kernel32

Beep
InterlockedExchange
LocalAlloc
RaiseException
FreeLibrary
GetLastError
GetProcAddress
GetSystemTimeAsFileTime

wininet

InternetCrackUrlW

ws2help

WahCloseSocketHandle

msvcrt

free
_initterm
malloc
_adjust_fdiv

advapi32

QueryServiceStatus
RegSetValueExW

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE