4bef05b3096bb2877508addee3d8e83f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bef05b3096bb2877508addee3d8e83f_JaffaCakes118
Size

86KB
MD5

4bef05b3096bb2877508addee3d8e83f
SHA1

86e1cbb56628bc0c6b9abca310d2fc6ffc10309f
SHA256

fae0e496d2ae3361a49624d78f9d9052c6fb16537560d1f90bd6389616c24403
SHA512

1fd209d60f8fbf891c0c99fe260951921db4af4b06d3df18c0dc7592acbdbcdcfcfa59a561387e37be37b08c574a87faabd203b1e8f5f218804b87ac47213a49
SSDEEP

1536:L/ayaDGK6FJ/fc0U3X5ItM5AaXkj+pE7XF5/uILqV2EcRS23Ex9:LipDb67/q3nPkjeEjj8VeS20v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bef05b3096bb2877508addee3d8e83f_JaffaCakes118

Files

4bef05b3096bb2877508addee3d8e83f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1cbfa0117506dde405bd98b7494ce2de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

GetUrlCacheEntryInfoA
FtpCreateDirectoryW
GopherGetAttributeA
IncrementUrlCacheHeaderData
InternetCombineUrlA
FtpGetFileA

kernel32

MulDiv
SetupComm
IsBadWritePtr
GetConsoleMode
LocalFree
HeapSummary

user32

CopyRect
CallMsgFilterA
AdjustWindowRect
CreateIcon

Sections

.text
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE