3ba49b452e5732d4b793811d9753be4f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ba49b452e5732d4b793811d9753be4f_JaffaCakes118
Size

54KB
MD5

3ba49b452e5732d4b793811d9753be4f
SHA1

920104bdc07f1129099ed901c896c308acad9fd6
SHA256

97059da10873eb71cc448eeac1af824b41c5d2add724629386a3e6d295bf03a9
SHA512

77ff1b904e2e38a270e39cc85523d01409eb3eb1859ea726ca6821c039f94eb2c5e89fc1088c1e4995ca96f256e8a7e09419583636e95569560797727159167f
SSDEEP

1536:+yZWOxrZbHG8RveiM3zww0+nGGKNRc3x+7Rqsq:+yTb1ved3zP0GHkSx+Msq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ba49b452e5732d4b793811d9753be4f_JaffaCakes118

Files

3ba49b452e5732d4b793811d9753be4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58ff3345de5a5cc64402684a68e4447b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_controlfp

urlmon

URLDownloadToFileA

version

GetFileVersionInfoSizeA

user32

DispatchMessageA

gdi32

CreateFontA

advapi32

CryptCreateHash

shell32

SHGetSpecialFolderPathA

wininet

InternetCrackUrlA

shlwapi

SHDeleteValueA

lz32

LZClose

ws2_32

gethostname

ole32

CoUninitialize

oleaut32

GetErrorInfo

Sections

.text
Size: 47KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE