3129cedff240c875fdb8b8f0151bb263_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3129cedff240c875fdb8b8f0151bb263_JaffaCakes118
Size

15KB
MD5

3129cedff240c875fdb8b8f0151bb263
SHA1

7ef53b9f9da073f2cff9ca2a7b5f12f6eb3341f5
SHA256

629bbdcd2646ba41272c39243efbdb0bf6f0fc427650885e44d837f93f334fcd
SHA512

4f1aa53aa9811f4876a319694df46e4d32fc967917d9608f2ffabd2cbcf4a1c0468ca304634ea4d08aa6818d9c29d05df6990594c3c15685205ad4291783bf3d
SSDEEP

192:ptsX9TBu1zDIFJzw/vh3L2BwWDsaOdm2cg3Je6b1gEqTjuaC:kXDuVIAvh3Ljk7OdmpsvVYuL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3129cedff240c875fdb8b8f0151bb263_JaffaCakes118

Files

3129cedff240c875fdb8b8f0151bb263_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c093834934d9f65d926c37ca102b7c0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
strcpy
strlen
strcat
localtime
mktime
gmtime

user32

wsprintfA
wvsprintfA

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

urlmon

URLDownloadToFileA

kernel32

GetModuleHandleA
GetCommandLineA
ExitProcess
HeapCreate
GetSystemDirectoryA
GetEnvironmentVariableA
GetCurrentDirectoryA
GetModuleFileNameA
HeapDestroy
HeapAlloc
HeapFree
WaitForSingleObject
GetTickCount
Sleep
GetDriveTypeA
FindFirstFileA
FindClose
HeapReAlloc
CreateFileA
CloseHandle
ReadFile
SetFilePointer
GetFileSize
WriteFile
GetLocalTime

shell32

ShellExecuteExA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flat
Size: 512B - Virtual size: 455B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE