2480057a8086f41017c1db0fa88e4849_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2480057a8086f41017c1db0fa88e4849_JaffaCakes118
Size

82KB
MD5

2480057a8086f41017c1db0fa88e4849
SHA1

8eec20edb9ced8bc8c1128ce6217d3c262cfb3fa
SHA256

630f9bb2d54538494d35f870bb1d31b20f2c2ef76cf528f0d185071f3f171109
SHA512

c4b9e734a24a72c9d79c6d0bce39623d32c376d0db6af3c2e6c0cf16288658eca52ff7fb15f2b282ad9af233d330a5e364d8f300e8a7cf6a436c048c38b4cfd3
SSDEEP

1536:VJIpXdMiJRwM4Vgn1k0S3dX5WhB9+OHiBVYZ6t:rUXmM4VgnRudghH+SiBiZ6t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2480057a8086f41017c1db0fa88e4849_JaffaCakes118

Files

2480057a8086f41017c1db0fa88e4849_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9fda5b04a96d5bb5fd0646895d462c6e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetDateFormatA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
RaiseException
RtlUnwind
SetLastError
TlsSetValue
VirtualFree
lstrcatA
lstrlenA

user32

CopyRect
CreateDesktopW
GetDC
LoadBitmapA
CharPrevA

advapi32

RegOpenKeyExA
RegLoadKeyA
RegEnumKeyA

ole32

CoGetClassObject
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CreateOleAdviseHolder
CoUninitialize
CoCreateInstance
CoInitialize

wininet

HttpAddRequestHeadersA
HttpOpenRequestA
HttpQueryInfoA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetCrackUrlA
InternetGetCookieA
InternetGetLastResponseInfoA
InternetOpenA
InternetQueryDataAvailable
InternetReadFile
InternetSetOptionExA
InternetSetStatusCallbackA
InternetWriteFile

Sections

.text
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ