6992027befaa385f6edbc7fee91b4be3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6992027befaa385f6edbc7fee91b4be3_JaffaCakes118
Size

124KB
MD5

6992027befaa385f6edbc7fee91b4be3
SHA1

4c38a48ec69e085de733c393aae0d6589340a11d
SHA256

c442aeef55f91f03b888630a5ea92b5d4de83a099151d264fa22cd7b12f150ed
SHA512

43dca3d7c276cae3830e6ca2c97e54d895d4b75c2400b7643bc2bd970c957847c02d901770cdc3e741f2c1ed3a59209b1aa605243fcb40042bd715b1833d0778
SSDEEP

3072:Hm+S/QM1E1vNP9s69EJymeYR0OKwHOV8:G+sp4vNVs3JymoV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6992027befaa385f6edbc7fee91b4be3_JaffaCakes118

Files

6992027befaa385f6edbc7fee91b4be3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9cd3ed70ff2af150d457d1f3355e2130

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

HlinkGoForward
URLOpenPullStreamW
BindAsyncMoniker
URLDownloadToFileA
CoInternetCreateSecurityManager
URLOpenStreamA

user32

MessageBoxA
CallMsgFilterA
AdjustWindowRect
CreateIcon

wininet

InternetOpenA
FtpCreateDirectoryW
GopherGetAttributeA
IncrementUrlCacheHeaderData
InternetCombineUrlA
FtpGetFileA

Sections

.text
Size: 62KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE