86ad2ba9834461cb93fcf8ac265100a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86ad2ba9834461cb93fcf8ac265100a4_JaffaCakes118
Size

3KB
MD5

86ad2ba9834461cb93fcf8ac265100a4
SHA1

39c6d9b2fa868092a6e899eb22204bb3df26ba70
SHA256

a2227fde9ee483e059865d9132367245cf87da5d1107253b59c0b59d42a51fec
SHA512

30402e0b4208edb9240ff4c0af5d01a60c1b4bb314bdbee25bd7510e36286dc6c039cfe5ad6f9d7f80a1b2b424ef64ec40fafa97a4103e55d4c4ab0f7462d9f6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86ad2ba9834461cb93fcf8ac265100a4_JaffaCakes118

Files

86ad2ba9834461cb93fcf8ac265100a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84b4ac3ab4afff7d456a765a2f95d760

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
WinExec
WriteProcessMemory
OpenProcess
GetModuleHandleA
VirtualFree
VirtualAlloc
ReadProcessMemory
GetCurrentProcessId
ResumeThread
GetProcAddress
CreateRemoteThread
SetLastError

user32

FindWindowA
GetWindowThreadProcessId

msvcrt

_chkesp

urlmon

URLDownloadToFileA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RT
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE