61fd6f83d54e77109e4c10d54020c74d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61fd6f83d54e77109e4c10d54020c74d_JaffaCakes118
Size

3KB
MD5

61fd6f83d54e77109e4c10d54020c74d
SHA1

223de7e7ec891ad8e8ddcf41ef0f1dd94863cbc0
SHA256

3acf768647d63522c7fe1ca52b38d87f10c15081e285ccbb15b31c5d1f9739c9
SHA512

771ffb0a29e5eeeb119b65d7749bda87a7c0d60a196d361befc791a27eefce205558eecccd27a2dd2e55a33213957b31d2f1271d0f71c19cc09667c2bb1e77f6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61fd6f83d54e77109e4c10d54020c74d_JaffaCakes118

Files

61fd6f83d54e77109e4c10d54020c74d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f5fad22e5adad5a93551b54e9ca0dff7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
ExitThread
GetModuleHandleA
OpenProcess
Sleep
WinExec
WriteProcessMemory
ResumeThread
GetPriorityClass
CloseHandle
VirtualAlloc
VirtualFree
GetCurrentProcessId
SetLastError
CreateRemoteThread

user32

GetWindowThreadProcessId
FindWindowA

urlmon

URLDownloadToFileA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE