64237fb20f2a7afa920f5721e1e8ae27_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64237fb20f2a7afa920f5721e1e8ae27_JaffaCakes118
Size

82KB
MD5

64237fb20f2a7afa920f5721e1e8ae27
SHA1

7bf72e2d88f1abe29152f77a4c3f293751f4bf05
SHA256

6867d8f1c972ea51d0dc98f73a90aa01cddf72974a8dc66070d10c7d1ee14ec5
SHA512

4516e246bda04715c256d7efc2bf85a61e79bf3f8fa70009fcf9ea2b44a43cbbbdac27178bef0344a2de622bbf55036093c92c0bc500f3ccc7d526bde8edb43e
SSDEEP

1536:ZpL/toeEZ3GntftQ+2vR6kdVmCe31P+1j+2CwnsQ8UroemQhCYPz+xBka7Ybk:PL/tWGnJs6wYCeUDhJ8UriQhCYKUw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64237fb20f2a7afa920f5721e1e8ae27_JaffaCakes118

Files

64237fb20f2a7afa920f5721e1e8ae27_JaffaCakes118
.dll windows:4 windows x86 arch:x86

165ec46b0ce8be111621ca5c959b85ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

wsock32

WSACleanup

urlmon

URLDownloadToFileA

Exports

Exports

start
stop

Sections

CODE
Size: 76KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE