Static task: static1
Behavioral task: behavioral1
Sample: 4c88b2a360639e90dacf6c93c0044478_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 4c88b2a360639e90dacf6c93c0044478_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 4c88b2a360639e90dacf6c93c0044478_JaffaCakes118
Size: 186KB
MD5: 4c88b2a360639e90dacf6c93c0044478
SHA1: bd659e95e7448fa3893e9f74231fe9ce6f8caab8
SHA256: 9ec79e9762030cc79066946ce1a291d7e9a2ff01072534d4ece0b7b34282676c
SHA512: b7a6f72095098f627823614630f6a480d6c9a473418fade041a21e64f1138d1346a166eb5074a780e24815c7b047ecbca8a5f800050f792b8af9d41f0aa8c7ef
SSDEEP: 3072:z6Xj/yuYdYQIWb20n/Ufn1tnL7iN+nt+z61weG/uX5XVcP5pXkYrr1qAo3QgZJFj:z6Tyu5fWaietnaN+tUeG2pXArr1DgDEC
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Resource: 4c88b2a360639e90dacf6c93c0044478_JaffaCakes118
Files
4c88b2a360639e90dacf6c93c0044478_JaffaCakes118.exe windows:4 windows x86 arch:x86
ba9f6b14f9535d66b0d813ea5050a993
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
ole32
OleSave
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
gdiplus
GdipCloneImage
winmm
timeGetTime
timeSetEvent
kernel32
SetFirmwareEnvironmentVariableW
GetModuleHandleA
GetProcAddress
LocalFree
LeaveCriticalSection
LocalAlloc
LCMapStringA
EnterCriticalSection
GetSystemInfo
EnumResourceTypesA
SetStdHandle
LoadLibraryA
GetShortPathNameA
InitializeCriticalSection
DeleteCriticalSection
LCMapStringW
GetLastError
GetStringTypeA
Sections
.text Size: 113KB - Virtual size: 113KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ