158da82d501be7e394b0327bcff04981_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

158da82d501be7e394b0327bcff04981_JaffaCakes118
Size

107KB
MD5

158da82d501be7e394b0327bcff04981
SHA1

aade31a9a68445a9961beb547cb1498231990b4d
SHA256

77eae992f25ca838e20f00442ead56d8848a4e0bbcfe1e7ec9eb0a701af5ea08
SHA512

78017fbb33fe10373a62370bc2f0a98d3bf4ad1b04b5c5a8d9bd44681d6b0a583149680764a0384900a113b95e9ffd5fe079d9f4b2e3f3a1504bf5191c39ad48
SSDEEP

1536:P3qNDHJvl61DrQKmN7VBEBh2gsieai57FkHB+qX0Fua0laGrikjd9g:CNtvqVCah2gseEFOUJOU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
158da82d501be7e394b0327bcff04981_JaffaCakes118

Files

158da82d501be7e394b0327bcff04981_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ffdf099e67c40e9c91ce17a9a596ae9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetICMMode
SetRelAbs
ResetDCW
StretchBlt
SetDIBColorTable
UpdateColors
SaveDC
TextOutW

shell32

StrStrIW
SHFormatDrive
SHAppBarMessage

urlmon

IsLoggingEnabledA
URLOpenStreamA
CoInstall
GetClassFileOrMime
AsyncInstallDistributionUnit
IsValidURL

Sections

.text
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE