3903c5b29a7cdc16230bb2e5e985185d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3903c5b29a7cdc16230bb2e5e985185d_JaffaCakes118
Size

9KB
MD5

3903c5b29a7cdc16230bb2e5e985185d
SHA1

2d3789dba36466e242779dbe84fd03666a605204
SHA256

9a8fe222e181cdfa08f467c2829e21756d1b0405b3572c2cd13ed9b2952b7ad7
SHA512

377fb1aefc6a0d6369597f811b0d600e90cce48392c2259cf0feb8ef734134788b87b1d64387e10aa79b0bc95a746f5c7ea4ac0916cab75ddc113c565b5fc887
SSDEEP

192:r35xE66x3VovZeouLcoB4W6/RWUW0OKl:XeOxeouQoB4W6/RhhOK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3903c5b29a7cdc16230bb2e5e985185d_JaffaCakes118

Files

3903c5b29a7cdc16230bb2e5e985185d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cddb427d0b74d15dff45c4bd7944817a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
RtlUnwind
VirtualAlloc
VirtualQuery
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
ExitProcess
GetSystemTimeAsFileTime
GetStartupInfoA
GetFileType
GetStdHandle
GetCurrentProcess
DuplicateHandle
SetHandleCount
GetCommandLineA
GetModuleFileNameA
GetEnvironmentStrings
UnhandledExceptionFilter
SetConsoleCtrlHandler

advapi32

GetUserNameA

user32

MessageBoxA

urlmon

URLDownloadToFileA

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE