Static task
static1
Behavioral task
behavioral1
Sample
1b3ed7f2c1143133228d107d1b2fd5aa_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1b3ed7f2c1143133228d107d1b2fd5aa_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
Target
1b3ed7f2c1143133228d107d1b2fd5aa_JaffaCakes118
Size
192KB
MD5
1b3ed7f2c1143133228d107d1b2fd5aa
SHA1
43b24232275976b49df2fd657081d72f643d7e18
SHA256
a05b389d1825643cd078926bc078591ac63e08693ec5e39765f507bc95f5e598
SHA512
fde47140b29fc7605e357a265f9b84fff42c4da11225de0f6ac935499a5ac3dd16515ad9a57d75d1e5d966f0fa564811cf81da8a6b7e98aeeaf04702c0d8f9f9
SSDEEP
3072:JL+BWLxBdlA0vjsO6pQtED//yJN0SJ+wYrmHraHGRZJ7DTBZHl+5:JLQWLf/jvjuCELjSJ+9mLaH+JLBZHY5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1b3ed7f2c1143133228d107d1b2fd5aa_JaffaCakes118
Files
1b3ed7f2c1143133228d107d1b2fd5aa_JaffaCakes118.exe windows:4 windows x86 arch:x86
fcbecabe3c079b63afe376a5b20361e6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipCloneImage
wininet
InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
kernel32
GetSystemInfo
LCMapStringW
SetFirmwareEnvironmentVariableW
GetLastError
SetStdHandle
LocalAlloc
GetProcAddress
GetModuleHandleA
InitializeCriticalSection
LoadLibraryA
EnumResourceTypesA
LocalFree
LeaveCriticalSection
GetShortPathNameA
DeleteCriticalSection
LCMapStringA
EnterCriticalSection
GetStringTypeA
ole32
OleSave
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
winmm
timeGetTime
timeSetEvent
Sections
.text Size: 117KB - Virtual size: 116KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 71KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ