4458b97a6d0bdec8610ac582ba3a8cc8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4458b97a6d0bdec8610ac582ba3a8cc8_JaffaCakes118
Size

153KB
MD5

4458b97a6d0bdec8610ac582ba3a8cc8
SHA1

1873abc3e675e59593c167efe903ea347f798958
SHA256

b458a44cbe87c12ec12108a79f1077647ad2dedca10c09669973c0ccd80fdafb
SHA512

cc128c29af5c842ef6f5a812d50e77fcc60283d4519282b418f68be643147707327c2b18ef64e287babca32462e316ea8022aafebbe8497243e8970425f73ed6
SSDEEP

3072:75hWK1yKo1P+S5wZafnMmrobVWi2cz5jnYXZ8rKfX/9cumDfuMYYENG:LHyKE+AwZWMmshWi2ChYXZ8mHfMYxG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ReloadWebPage/ReloadWebPage.exe

Files

4458b97a6d0bdec8610ac582ba3a8cc8_JaffaCakes118
.rar
ReloadWebPage/ReloadWebPage.exe
.exe windows:4 windows x86 arch:x86

4ff1290a6cc967cbdb694dd6c213dbae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GetModuleHandleW
GetCurrentProcess
CreateFileMappingW
GetLastError
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameW
CloseHandle
CreateFileW
VirtualAlloc
GetModuleHandleA
GetProcAddress

user32

MessageBoxW

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xcpad
Size: - Virtual size: 64KB

.idata
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ReloadWebPage/reload.config
.xml