8d742f7a66f31e2145526d7637a193e4_JaffaCakes118 | Triage

Sharing

General

Target

8d742f7a66f31e2145526d7637a193e4_JaffaCakes118
Size

276KB
MD5

8d742f7a66f31e2145526d7637a193e4
SHA1

eeae90d6e0b1a860662d15178d0e06c4e2ff23c9
SHA256

d26b3eea9fc546a601cd008292275114336f81838e1ad695e3df76a925523baa
SHA512

addd653ca343c9ae5c4cac63359a50822eaccfa3fc3b6ecd7df7a32bd5eedcf9f3590701ee4119df2bdd120957026aca0acc5fa03682476c5edbed11a77dabef
SSDEEP

6144:b9MFsOKse0iNs1UqeuWn/fbJsvFJGNVyyjNWTLyzyVr:igse0i2iLfbqL4NWyyV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d742f7a66f31e2145526d7637a193e4_JaffaCakes118

Files

8d742f7a66f31e2145526d7637a193e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

136f34e044c50a1c2505a5c0acbba0da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rasapi32

RasDialA

user32

PostThreadMessageA

gdi32

CreateDIBitmap

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA

advapi32

RegSetValueExA

shell32

ShellExecuteA

comctl32

InitCommonControlsEx

oledlg

ord8

ole32

CoTaskMemAlloc

olepro32

ord253

oleaut32

SysStringLen

urlmon

URLDownloadToFileA

wsock32

select

iphlpapi

CreateIpForwardEntry

Sections

.RIF1
Size: 248KB - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE