74d7b61d2e99ac3643aed328555d6871_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74d7b61d2e99ac3643aed328555d6871_JaffaCakes118
Size

78KB
MD5

74d7b61d2e99ac3643aed328555d6871
SHA1

1f438999c83bdfa42ae0519d7f85b8d5631476d0
SHA256

3ba5ff6a597beaeb2e45a37395137557dd3b5cf5c389d1042b40a90a86b3b8b0
SHA512

8352b2deb7dbbec0d193c162bdbe6ad371b84316f0d9969306ec0017b7c2b00ac87cda6e86417d9e2603fc2da39f69182b7bd739dc832f92d96e663c34e496cd
SSDEEP

1536:uBFeKb+KnfxmP0J9xAappdkRBxfp9GeIORZTsll9TsllC/jgS:+MKb6PA9dKnBIObm9mk0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74d7b61d2e99ac3643aed328555d6871_JaffaCakes118

Files

74d7b61d2e99ac3643aed328555d6871_JaffaCakes118
.exe windows:4 windows x86 arch:x86

105ef7cffdec122e474ac6edeff88bf7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
TerminateProcess
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
IsBadWritePtr
GetVolumeInformationA
GetComputerNameA
CloseHandle
WriteFile
CreateFileA
Sleep
GetTempPathA
CreateProcessA

user32

wsprintfA

shell32

SHChangeNotify
ShellExecuteExA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile
HttpQueryInfoA

msvcrt

strstr
??2@YAPAXI@Z
??3@YAXPAX@Z
atoi
_except_handler3
atol
strncpy

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ