247bd641cd074a2eeb968e9044aae06c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

247bd641cd074a2eeb968e9044aae06c_JaffaCakes118
Size

24KB
MD5

247bd641cd074a2eeb968e9044aae06c
SHA1

510836af1975818e5241ed45ae1e53d666da2f94
SHA256

bdf4ddcd68db9889d4b3cb702cfae0b1e4a11f63b53b921e3b122780f55d654b
SHA512

f60378b0d460ae4c55135a9b527ea3554ef21203d3ad06c1043b411ea73100079a4ba5d11417e156ed1ee2f8576e117e32f5642769bdcbe88790ba403efceadd
SSDEEP

384:W9NiGNL0Y2FxVL62VPFAK/JCUeAYvFsHBs60cUHevTYDRFgJWEplatjjwJwieVZ9:WhVT87L6qP3kiCFshs3VETYVA3mp8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
247bd641cd074a2eeb968e9044aae06c_JaffaCakes118

Files

247bd641cd074a2eeb968e9044aae06c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac670048bc28738e2b243bda13149b21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

urlmon

URLDownloadToFileA

wininet

InternetGetConnectedState

Sections

CODE
Size: 19KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE