2d8377adebe21c689b92a28dab9242f5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d8377adebe21c689b92a28dab9242f5_JaffaCakes118
Size

40KB
MD5

2d8377adebe21c689b92a28dab9242f5
SHA1

57c9c674e395537bd1bd2262317c281568bbba3b
SHA256

60cd9251f5cdba8b9d698d34c338eb43897af9ca35875901900ce5fd0289cb54
SHA512

8bbd9ccceb2ef67b5b917d68b90be9f5e91476d780930c760fecef840b828383c16a12c4879da3c980ae2304fe154668171a2453a9be26fef6220c1808698567
SSDEEP

384:eGR0yRd7IswwGVvz7xHa1tid5FHg1aeTGlDZF6hW/p:VR0id7yh0e5S1VT0DZFEk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d8377adebe21c689b92a28dab9242f5_JaffaCakes118

Files

2d8377adebe21c689b92a28dab9242f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f407079151d37287abfff0beffa1293b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

??1type_info@@UAE@XZ
exit
fopen
wcsstr
fgetc
fclose
strchr
_CxxThrowException
strstr
wcscmp
__CxxFrameHandler
time
atoi
strrchr
sprintf
_strnicmp
_stricmp

shlwapi

SHSetValueA
SHGetValueA

wininet

InternetCheckConnectionA
InternetSetOptionA
InternetCrackUrlA

kernel32

GetEnvironmentVariableA
lstrlenA
GetCurrentThreadId
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcessId
GetModuleFileNameA
CopyFileA
CreateThread
CreateProcessA
MoveFileExA
Sleep
GetTickCount
GetProcessHeap
HeapFree
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapAlloc

user32

GetForegroundWindow
GetActiveWindow

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
VariantClear
SysAllocString
SysAllocStringLen

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE