60636a35b0a98d67eeba79a81baaec5e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60636a35b0a98d67eeba79a81baaec5e_JaffaCakes118
Size

6KB
MD5

60636a35b0a98d67eeba79a81baaec5e
SHA1

fec91083f9f4a1ec950bc8dac415bcad220acf20
SHA256

de7fcf199c8faca9b330cf4ba949681d0ed8f0385178f2a3fc7f0b7a069eba61
SHA512

d33f1e6af64ff1d8450b3561c401302685dde07ef8730f46328d7b1a51eb5ce84c1bf87d4fe47c898bd4db99b28a3fee99fa39cb419d8356bf2f4cf1ea04ad5e
SSDEEP

96:TmQMT9fxUOGy16ZCZHegpyDVb4S3RqQaiSzhGvHs8:KQMTk1CZHegpeN3RvaiSNF8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60636a35b0a98d67eeba79a81baaec5e_JaffaCakes118

Files

60636a35b0a98d67eeba79a81baaec5e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c87e478d9d832e20de313ea1fba21c43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
wcslen
wcscpy
wcscat

kernel32

GetModuleHandleW
HeapCreate
Sleep
HeapDestroy
ExitProcess
CloseHandle
InitializeCriticalSection
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
HeapAlloc
CreateProcessW
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapReAlloc
AllocConsole
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
FreeConsole
DeleteCriticalSection

shell32

ShellExecuteExW

urlmon

URLDownloadToFileW

Sections

.code
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ