61b81d3ad9f2ff499fc7346e6937383b_JaffaCakes118 | Triage

Sharing

General

Target

61b81d3ad9f2ff499fc7346e6937383b_JaffaCakes118
Size

5KB
MD5

61b81d3ad9f2ff499fc7346e6937383b
SHA1

735627d89442a1441f620df6473ac6bc693880c4
SHA256

12d90bb005ba215fd3bbc6dac06232cde1f08fc0cd2cf278758f89599a26c13a
SHA512

43a949fe149d21ebc46a26f834475ab044971bfd1aa1f6f261e072da342da42a1205c82f70e663b7cf14d3ba3343c9077a1b7d8ad53fb94f263a019372403df0
SSDEEP

24:etGSE/gei61tyMmL6v7KOVnOwr+sn4uC3zPrnoEg5CY0QMI7i6EvBEWJpC6TYzU4:69otyNL6iw5NdEvB9JTYzVv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61b81d3ad9f2ff499fc7346e6937383b_JaffaCakes118

Files

61b81d3ad9f2ff499fc7346e6937383b_JaffaCakes118
.dll windows:1 windows x86 arch:x86

282eeb23b745d5f37d4d6bfde6203748

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

urlmon

URLDownloadToFileA

kernel32

ExitProcess
GetEnvironmentStringsA
RtlUnwind
WinExec
CreateThread

crtdll

_fdopen
_open_osfhandle
_sleep
fclose
_cexit
malloc
printf
raise
setbuf
strcpy

Exports

Exports

LibMain

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 268B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 644B - Virtual size: 644B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 144B - Virtual size: 144B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE

.edata
Size: 80B - Virtual size: 80B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ