6f4c9003a0f4392a9c7cfa2ca6eb64d9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f4c9003a0f4392a9c7cfa2ca6eb64d9_JaffaCakes118
Size

195KB
MD5

6f4c9003a0f4392a9c7cfa2ca6eb64d9
SHA1

49d804aad76bb9117a9c5ab052a9a25bce048257
SHA256

c9a6f41ec220f2ea460f18e1e9a0b311a80f8c0afd173a2ec4d3235c4cae3007
SHA512

595e537f61f2117235b8e0285349ce966df4135eaad76c2feadbad5095dcbe4cd8990252dbba467cb8da55b7358b29d8bfda659bd119f4c84a47590ad72a0d12
SSDEEP

3072:QPapsA6jrnsiwoxD2/QKyM7Uw7qodu/Q8AAqrKfsPPy29ACa51leOi8VVgKpkD:oMurxyN7U7odjtAuPPZ9l+VJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f4c9003a0f4392a9c7cfa2ca6eb64d9_JaffaCakes118

Files

6f4c9003a0f4392a9c7cfa2ca6eb64d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd9688f29ca00d71637e4e6fe54fc68d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
timeSetEvent

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

gdiplus

GdipCloneImage

ole32

OleTranslateAccelerator
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc

kernel32

GetSystemInfo
SetFirmwareEnvironmentVariableA
DeleteCriticalSection
GetModuleHandleA
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
GetLastError
EnumResourceTypesA
LocalAlloc
LCMapStringA
SetStdHandle
GetShortPathNameA
LCMapStringW
LoadLibraryA
GetProcAddress
LocalFree
GetStringTypeA

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ