69983f780af80354687f4076f0c176fd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69983f780af80354687f4076f0c176fd_JaffaCakes118
Size

25KB
MD5

69983f780af80354687f4076f0c176fd
SHA1

771d96b062fc2bd854ac3e3b34fa6a78df2d755d
SHA256

03fac039a09650899060ca56d2d84a2c0fc8c93944c1e3cff9d6774bdda1834e
SHA512

57069c37c7c609d1651a5e016775746123b0a4539b858f5c1437b7f0e1d1e952f36a1c9850631da007e2873fd0f275f23276d4e0db5db5f956416a5115675836
SSDEEP

768:v163ZlbFbyxy/Qi+rXY3T06FcewYQMBLY:wnVyxyg03T0ecewsBLY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69983f780af80354687f4076f0c176fd_JaffaCakes118

Files

69983f780af80354687f4076f0c176fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2bc24bcf757ac9442359221e616542c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
ExitProcess
FlushFileBuffers
GetFileSize
GetModuleFileNameA
GetTempPathA
GetTickCount
MapViewOfFile
SetFilePointer
Sleep
UnmapViewOfFile
WriteFile
lstrcatA

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE