8cc0df04c1df63c7d0543b7bfacb96b1_JaffaCakes118 | Triage

Sharing

General

Target

8cc0df04c1df63c7d0543b7bfacb96b1_JaffaCakes118
Size

47KB
MD5

8cc0df04c1df63c7d0543b7bfacb96b1
SHA1

ac00f5edba16e9dc5cfdadfa9f357530468b33cc
SHA256

2afb4243fbba3d098296a0e47959b09c6e9e139530ea9e1991eac0f1c9e01ea9
SHA512

f80464ee9047aacceb432a0f7c204788e3e98d18f3c0fff09d0a3567e0585418edef0ac2929032e137a642bea305abb704219c7883a3eeae3a1c3c4c4bbfe6de
SSDEEP

768:XgNPUhXoRPj8BDSMaKhY60lY1MsOnGDS779CqpixgAUlF7z9ve8:UPaXoR78YM9Y608zDG9/paRS1zg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8cc0df04c1df63c7d0543b7bfacb96b1_JaffaCakes118

Files

8cc0df04c1df63c7d0543b7bfacb96b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cfef8918eb06fe9cd292b786655a4658

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

urlmon

URLDownloadToFileA

Sections

CODE
Size: 17KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE