9420207c16c3522b6e15f1a4a6209bac_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9420207c16c3522b6e15f1a4a6209bac_JaffaCakes118
Size

64KB
MD5

9420207c16c3522b6e15f1a4a6209bac
SHA1

c144493211aa274c3768fa6b6baf898601ea3b9d
SHA256

aef4e209c11641255b646be5ca6c31c2e0d1440d499f01b937151694b3c2bd3d
SHA512

d66c2477656d47f6ad865c1c179d823f2db6ba06fe03becb3e23ccb76d8bcfa4548fd11104b102bd770a24142b8af96807845eed144cbcde33e965cf92e1325e
SSDEEP

1536:spytibsHPYKkP3PjOaOGsjv4L5kpmtMSUIiPKgh:8ytAs9kP3PjZOGsx8uL3Jh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9420207c16c3522b6e15f1a4a6209bac_JaffaCakes118

Files

9420207c16c3522b6e15f1a4a6209bac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a57634b01a911c58ea62f87a1d30b0ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp

kernel32

WinExec
GetModuleHandleA
GetProcAddress
VirtualProtect

mfc42

ord1979

winmm

timeGetTime

wininet

HttpQueryInfoA

user32

MessageBoxA

Sections

.text
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00000
Size: - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00001
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ