7185123bba129427853e08cf15ff8c85_JaffaCakes118 | Triage

Sharing

General

Target

7185123bba129427853e08cf15ff8c85_JaffaCakes118
Size

69KB
MD5

7185123bba129427853e08cf15ff8c85
SHA1

5274dc95673741796b361fa28f48612e9b568c6d
SHA256

b6286c10147cfda7508941047002f5619f0d54d81f0baee3c98c752fdfe69fbb
SHA512

a103d889a8dc343618c5c2d94cd2993683b9c272e254cddedfb0d8ec401a303e7c4f7f04d7675ecc96074626fe1d6429d6e5ca9c1b5eaa7ee05000a9c8e831b0
SSDEEP

1536:ObIcSpzkSk9sHlTMvYQownZzYhgsCQO9PScL:EtUzHY4BDwBKgXQWL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7185123bba129427853e08cf15ff8c85_JaffaCakes118

Files

7185123bba129427853e08cf15ff8c85_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0545e254390631d57e71e5bef03abce5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

FaultInIEFeature
GetClassFileOrMime
CoInternetParseUrl
ReleaseBindInfo
URLOpenStreamA

comctl32

ImageList_DragEnter
DrawInsert
ImageList_Remove

msvcrt

memcpy
memcmp
strstr
strlen
strcpy
memcpy
memcmp
strstr
strlen
strcpy

kernel32

CancelIo
EnumTimeFormatsW
ExitProcess
BackupRead
DuplicateHandle
CommConfigDialogW

Sections

.text
Size: 42KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 512KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE