24fec7f445d9cb61862c118b842c03ce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24fec7f445d9cb61862c118b842c03ce_JaffaCakes118
Size

38KB
MD5

24fec7f445d9cb61862c118b842c03ce
SHA1

778e5cf10b8aab59193c551e22f6daea336c4aa7
SHA256

874394ba40404db3ef3a78e6cc6d2932c690409d78e7524f7b7843360c7c6d2e
SHA512

918b4a936c44c36dc45d535e70985c30b8852ac5f916acc22dc139f0986a8d3c421f83a22770042e583d864d34ed21cd712f0892697745b5d495571d869fdf06
SSDEEP

768:0jxdd+fFuJd48yhL91cXKrlxCB0qTZn1tWiGMtiWSA4lD:0jxdd+fF+yRhjrAT57FGkiW14B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24fec7f445d9cb61862c118b842c03ce_JaffaCakes118

Files

24fec7f445d9cb61862c118b842c03ce_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8bc2b06c4420b652f19d14fd3a807024

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

urlmon

URLDownloadToFileA

Exports

Exports

CandleInTheWind
GoodBeyYelouBrickRoad

Sections

.text
Size: 32KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE