5aa6072bf51722c08b144438550b4c90_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5aa6072bf51722c08b144438550b4c90_JaffaCakes118
Size

20KB
MD5

5aa6072bf51722c08b144438550b4c90
SHA1

9f0bc90961d84ba23c4cb3952eba2b52baf84ac3
SHA256

276b4225095d36af82bea75ac7672aabbfc9e6b772a8b307c090bdfbc06f7789
SHA512

ca41ee290e77465bfa3aaa2c24d984cbcb6dc918911214aa601d7f51340ab8f0a6e8b70aee221688d3221cb4bd7a39a7fc5fdf866e08384f8a5aa9f931aa15ed
SSDEEP

192:glIyxDBR0NM5Tr3xVZiPXzI0vl9PsJkMvgI9fmNP1oyq6VdIKeqQ9Z1:kBSU+vA1omO51UadIKe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5aa6072bf51722c08b144438550b4c90_JaffaCakes118

Files

5aa6072bf51722c08b144438550b4c90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0dd9fa26ecd4a969ce3091d6d4efb13f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateProcessA
WriteFile
CreateFileA
GetLongPathNameA
GetTempPathA
GetModuleHandleA
GetStartupInfoA

msvcrt

atol
sprintf
rand
_except_handler3
_acmdln
time
__CxxFrameHandler
_exit
_XcptFilter
??3@YAXPAX@Z
??2@YAPAXI@Z
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
srand
exit
_itoa

wininet

HttpQueryInfoA
InternetOpenA
InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetQueryDataAvailable

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ