Static task
static1
Behavioral task
behavioral1
Sample
1b483fe33af283960fe7bc1a006929c3_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
1b483fe33af283960fe7bc1a006929c3_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
Target
1b483fe33af283960fe7bc1a006929c3_JaffaCakes118
Size
11KB
MD5
1b483fe33af283960fe7bc1a006929c3
SHA1
569d43b6c0f24e2be76754eb474db6f79b58e709
SHA256
c7bac3327d7a7c357ff1f2d454ba3d1fac84815a8d85477322dc857bdaa97d04
SHA512
05db218086ab57cd4ba1a542740e06caebe8cdb0b30fc1b55a00482c99581c6c8a2e590801f02953d34af8b6146d11024a0c083d8c5204d3a63782b3a79a1890
SSDEEP
192:sNlqG8ZacwDxh2jCjGrO4xidIJdUj4GmYjsmEYZamscTXbfbYDpOKmU0aqqTiZ:sNlqpaxxhUKsO4iIJjGm4hEEZTXADzga
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1b483fe33af283960fe7bc1a006929c3_JaffaCakes118
Files
1b483fe33af283960fe7bc1a006929c3_JaffaCakes118.exe windows:4 windows x86 arch:x86
a7228b250cda683afc0fecb0ec56079c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalReAlloc
GetTempPathA
GlobalAlloc
GlobalFree
CreateProcessA
lstrlenA
ExitProcess
WriteFile
DeleteFileA
CloseHandle
ReadFile
GetFileSize
CreateFileA
Sleep
GetVersionExA
GetCommandLineA
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
SetFilePointer
CompareStringA
user32
wsprintfA
wininet
GetUrlCacheEntryInfoExA
DeleteUrlCacheEntry
urlmon
URLDownloadToFileA
ole32
CoUninitialize
CoCreateInstance
CoInitialize
oleaut32
SysFreeString
SysAllocString
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 992B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE