21076457f6d7c11ec1b9885a4f7b3f7d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21076457f6d7c11ec1b9885a4f7b3f7d_JaffaCakes118
Size

24KB
MD5

21076457f6d7c11ec1b9885a4f7b3f7d
SHA1

642b419f3ee9902887e2cf667c6371d48ff086ac
SHA256

e4a6bf2eb4cec4c35966542a116f5f2c446645ce9772f07d00689dbb62259e39
SHA512

13e1adef5b6c8342f349170a4fc3185d7da394f9a4789499e63e20c11e500e2734ca9d6b86fa3940e1c802ed59a0f9c0988568ef423bc0587776814eea066c9c
SSDEEP

48:CYqQOvxYwB8BAABe3NB3Vt3b1+FBj+Gvy++hCpX2tll7B0+sE24UC8KDO:MQOv6pBqTUmGvy+Qll7BMERUCdD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21076457f6d7c11ec1b9885a4f7b3f7d_JaffaCakes118

Files

21076457f6d7c11ec1b9885a4f7b3f7d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

730ba1da85e7ca7cecba42bba2692ce3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord342
ord1253
ord823
ord1168
ord825
ord1182

msvcrt

_adjust_fdiv
malloc
_initterm
rand
exit
free
_except_handler3

kernel32

GetFileSize
CreateThread
ReadFile
WriteFile
GetTempPathA
CreateFileA
CreateProcessA
CloseHandle

user32

wsprintfA

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA

urlmon

URLDownloadToFileA

Exports

Exports

ThreadEntry

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 842B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ