744d12b1a4cfe1874c07c89c108d22fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

744d12b1a4cfe1874c07c89c108d22fc_JaffaCakes118
Size

13KB
MD5

744d12b1a4cfe1874c07c89c108d22fc
SHA1

e4fde11d0bfa153c456071e9c2cccc3fe958c551
SHA256

22169a856ab2331d6c62f56aa94e7fc1b53d5cf2235e48bd6265c1c63eca85f7
SHA512

4215e77d59731912586e324747f5db2584a1f8c7a7e3ccdfa9203bbdf08611c1b97bc732ff40da9d518d01af4453bb4b62505ff2fd888a8eb6c0425292eaf344
SSDEEP

192:9YOP1oynMAi7o7sBWYa6SIzO6SqBXU2X0LGBHT9wc+3oR:l1GAuWYa6jRXh06BHT9wJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
744d12b1a4cfe1874c07c89c108d22fc_JaffaCakes118

Files

744d12b1a4cfe1874c07c89c108d22fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

53beadae4eefb5d860c4ac90d7a8787f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetModuleHandleA
GetStartupInfoA

shell32

ShellExecuteA

msvcrt

strcat
rand
srand
time
memset
malloc
_snprintf
_exit
_XcptFilter
exit
_acmdln
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__getmainargs

urlmon

URLDownloadToFileA

Sections

.text
Size: 1024B - Virtual size: 642B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 742B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE