150439e08ae6f8d824815329ed980918_JaffaCakes118 | Triage

Sharing

General

Target

150439e08ae6f8d824815329ed980918_JaffaCakes118
Size

31KB
MD5

150439e08ae6f8d824815329ed980918
SHA1

a5d1bdf21c0d5e5f709e876d04f32e911296ada8
SHA256

a24364628a348cc210b454626a728971c2ea629942078f23df7e0e7c4876fc1b
SHA512

b812c2cb4940d22c31d250d2a6ca9cf5dcf70c7532a6d23d32a89be68dd28551556a7d45e59b523df156eb969e1d8b3a86b8769af34a09f72c5d95c0dbdf9f5f
SSDEEP

48:C0ghvS9tJ7j/V2I9gV4UcKEwMsAE2nLp7EW7zmGWXNbgAY:GAkImV4Uczw6E2CWGF2X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
150439e08ae6f8d824815329ed980918_JaffaCakes118

Files

150439e08ae6f8d824815329ed980918_JaffaCakes118
.exe windows:4 windows x86 arch:x86

be56177ef07a66f59aa70396082866db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
SizeofResource
LoadResource
FindResourceA
CloseHandle
WriteFile
CreateFileA
WinExec
Sleep
GetTempPathA

user32

PostMessageA
GetMessageA
GetInputState

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

fclose
fopen
malloc
fwrite

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ