879ffad663ca92dedc44cac36480e529_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

879ffad663ca92dedc44cac36480e529_JaffaCakes118
Size

56KB
MD5

879ffad663ca92dedc44cac36480e529
SHA1

6532a50780249eb3c2901344bb0fb5bcb66827ed
SHA256

fd30143cb94a2bd89f39ea8fa6db650bd21df8049af45e9e7e04d57978c7f446
SHA512

128659c09297cab4ee6ff2f3ed90cebb68aadb10e565abe916011d5020b442205d956d6ff48ab4b3c3d5bc2081d63a9d832f67057cdf0e5e51f1931a788e6099
SSDEEP

1536:vFB9devnXPuHGlHBc5/rMn6UQ1MHx42YoXsd:/GuHQhc5YYQ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
879ffad663ca92dedc44cac36480e529_JaffaCakes118

Files

879ffad663ca92dedc44cac36480e529_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c71388e384fa8d26ecec1f0da9a7e67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToCacheFileA
ReleaseBindInfo
CompareSecurityIds
DllRegisterServerEx

ntdll

LdrShutdownThread
ZwSetInformationProcess
KiUserCallbackDispatcher
LdrLockLoaderLock

Sections

.text
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE