838c5a8ba9f3eea8a049b6bc93d9ac45_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

838c5a8ba9f3eea8a049b6bc93d9ac45_JaffaCakes118
Size

69KB
MD5

838c5a8ba9f3eea8a049b6bc93d9ac45
SHA1

6208816b671c526e379af5438a43ce3f0eef43be
SHA256

92e85a0d5ada436f884790235067f39bac050e201859ee6301052899d9a89fba
SHA512

733ed7530cc731961d620b84c621d1af6cabbfd8173a5b6a4ab43a213376012a999e4da72408d02740593ecdbac4c0bdbd22d91f68b61bddf7e86593d40ffec8
SSDEEP

1536:hlIV1cd6ce79t5Ys0F6UHwHux7UDaeRZOs:Kcd6d5AVQOx7UDrB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
838c5a8ba9f3eea8a049b6bc93d9ac45_JaffaCakes118

Files

838c5a8ba9f3eea8a049b6bc93d9ac45_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77eb0c164090eeb15303c2f6d8bf8bef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

FaultInIEFeature
GetClassFileOrMime
CoInternetParseUrl
ReleaseBindInfo
URLOpenStreamA

comctl32

ImageList_DragEnter
DrawInsert
ImageList_Remove

user32

CreateDialogParamA
CreateWindowExA
MessageBoxA
MessageBeep
DestroyWindow

kernel32

BackupRead
DuplicateHandle
CommConfigDialogW
CancelIo
EnumTimeFormatsW
ExitProcess

msvcrt

memcpy
memcmp
strstr
strlen
strcpy

Sections

.text
Size: 42KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 512KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE