83b9f3a47888c799a51a5da3afeb545b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83b9f3a47888c799a51a5da3afeb545b_JaffaCakes118
Size

15KB
MD5

83b9f3a47888c799a51a5da3afeb545b
SHA1

43b6053aecb9e66420c8a1031a0bbd8b75fa4663
SHA256

4fc8cec9b7b187e6aaaad579024f44191ed4e4330660c8f40af8dab7ed6c394b
SHA512

483b4d430b9759558da310321efb060cb88a20a3b5baa49f1dc4014b49cff60e2e6b4b328b92fb4e9f6612274568e691d4a3d46e2597be788c32464155ca3aff
SSDEEP

384:ofk97a+it7VdptqPlDhYae8ljOiB0VKTt8cv4TnRS:b7ap7BOlDKa1lzB0ATt8wQE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83b9f3a47888c799a51a5da3afeb545b_JaffaCakes118

Files

83b9f3a47888c799a51a5da3afeb545b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8d93a1f71449ae9ba0b89006109f598

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress

odbc32

ord9

msvcr71

free

wininet

InternetGetConnectedState

ws2_32

htonl

avicap32

capCreateCaptureWindowA

mpr

WNetOpenEnumA

psapi

EnumProcesses

urlmon

URLDownloadToFileA

user32

ToAscii

gdi32

BitBlt

advapi32

RegCloseKey

shell32

ShellExecuteA

Sections

.text
Size: 12KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WSDM
Size: 1012B - Virtual size: 36KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE