2da6fc96d9684caa99fc6be6f5fba889_JaffaCakes118 | Triage

Sharing

General

Target

2da6fc96d9684caa99fc6be6f5fba889_JaffaCakes118
Size

11KB
MD5

2da6fc96d9684caa99fc6be6f5fba889
SHA1

18272868e17749b8f81b47766473ba81b96a8302
SHA256

823f6125e510f1f3b991d338ce4b6ca2fcfd08b3b9a55164b42eb10baa880aa9
SHA512

7597717d371664dff312c8c60507ceebb9b35a149b7e89d11418668297674c1b3507a2b708398dc6d853f7241863c577d6a3fa829dc51a04fe3cffd8ab7e0bba
SSDEEP

192:m+r/uATFZGaUq6w9iWDSH/owmBGM2t316tUh8NXKmAAOEQEnhS+3gnlUJPM2un:/juAxZGaUVb/4C+5hKwsEICgnlUJPM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2da6fc96d9684caa99fc6be6f5fba889_JaffaCakes118

Files

2da6fc96d9684caa99fc6be6f5fba889_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f23b63df0115c6695d277d1222344234

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateProcessA
ExitProcess
GetModuleHandleA
GetThreadContext
LoadLibraryA
ResumeThread
SetThreadContext
VirtualAllocEx
WinExec
WriteProcessMemory

urlmon

URLDownloadToFileA

Sections

.text
Size: 736B - Virtual size: 736B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE