Static task
static1
Behavioral task
behavioral1
Sample
74d806b84927f459fbcd80aac3c733bc_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
74d806b84927f459fbcd80aac3c733bc_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target: 74d806b84927f459fbcd80aac3c733bc_JaffaCakes118
Size: 33KB
MD5: 74d806b84927f459fbcd80aac3c733bc
SHA1: 438113a95d54bf9df61302699b89ddbb3fc62ce4
SHA256: fc3e5e17d681e6282173a2dfb0321be9b18bc5f487f443014feffbdcdea9004e
SHA512: 1a146f3ae6f7956f165a3361433f9f9ac2357d1f07795bc0ed80771f488a074a49f9556644a98712dfcb819eaa689f238e16c4721a4ade81072075a0a8b86edd
SSDEEP: 768:9QVTh0NwvA3hGq/5G3JwTH5ByqX6yqSodK2noyxplXw:9Qp2N175YKBEEIo65w
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 74d806b84927f459fbcd80aac3c733bc_JaffaCakes118
Files
74d806b84927f459fbcd80aac3c733bc_JaffaCakes118.exe windows:4 windows x86 arch:x86
628a5f8fe0b2ffaf66b45c426a087078
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTempPathA
CloseHandle
WriteFile
CreateFileA
GetComputerNameA
LoadLibraryA
ReadFile
GetFileSize
GetTickCount
GetModuleHandleA
GetCommandLineA
GetProcAddress
GetModuleFileNameA
FreeLibrary
Sleep
GetLocalTime
SetFilePointer
GetVersionExA
GetStartupInfoA
ExitProcess
HeapFree
GetProcessHeap
HeapAlloc
user32
wsprintfA
advapi32
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
shell32
ShellExecuteA
wininet
InternetCloseHandle
InternetOpenA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE