81d89178f4beacef040a5fb7f43ea58d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

81d89178f4beacef040a5fb7f43ea58d_JaffaCakes118
Size

5KB
MD5

81d89178f4beacef040a5fb7f43ea58d
SHA1

e64be2c0f39af9518c105be6843bf3cd1062a5e8
SHA256

5305e4c5573ac34b0b484d80995de29f485a8b4a2bda39c6c07cfcf7ec0ce87f
SHA512

b6371ffd8fb5cf79c409ff9e15f6087e8561fac9ffb6a750e3cc878490af23b3e11f94e63b357c96060656ae07452ca37e6b1adcd1dbed5b3d7f74028007eaba
SSDEEP

48:6g3mqkpypXOUKwCz9QoLGysWRrvBIPmCtRDGJCXim:OqDXOICW5qRbtXCXd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81d89178f4beacef040a5fb7f43ea58d_JaffaCakes118

Files

81d89178f4beacef040a5fb7f43ea58d_JaffaCakes118
.dll windows:1 windows x86 arch:x86

44af66b32eb5f3ab8fbc28d963d09b00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

urlmon

URLDownloadToFileA

kernel32

ExitProcess
GetEnvironmentStringsA
GetProcessHeap
GetStdHandle
HeapAlloc
HeapFree
RtlUnwind
Sleep
WinExec
WriteFile
CreateThread

user32

wvsprintfA

crtdll

_fdopen
_open_osfhandle
fclose
_cexit
raise
setbuf
strcpy

Exports

Exports

_LibMain@12

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 120B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 800B - Virtual size: 800B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 164B - Virtual size: 164B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE

.edata
Size: 76B - Virtual size: 76B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ