a5942542deee83f69e3f409f9837bbb6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5942542deee83f69e3f409f9837bbb6_JaffaCakes118
Size

35KB
MD5

a5942542deee83f69e3f409f9837bbb6
SHA1

0ad3375572aa51902862c6213e232e81f4b2f906
SHA256

e0637001b755e879d65b0cd4552a13e2ead42487a15ff29076accdddd9610a24
SHA512

68ff8464d9272fdb8dbe911c65b9c5e69a10013b5bac6491b493f3b6613ed64f8a069915089394d2a1f080ab37e862fd3a2cde57377a201fb4a0558c34c7c2de
SSDEEP

768:wI9EwCY7A5WY17LASwHFPs+Ajf6uUkW7C+Z+Hfxz1VrGHhc9P:99EwCeOWIESwbef9jWbZ+xz1VrGHhc9P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5942542deee83f69e3f409f9837bbb6_JaffaCakes118

Files

a5942542deee83f69e3f409f9837bbb6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e50a21c833d6b1b853158f735fe2a509

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_controlfp

user32

IsWindow

advapi32

RegCloseKey

shell32

Shell_NotifyIconA

urlmon

URLDownloadToFileA

wininet

InternetCrackUrlA

ole32

CoInitializeEx

oleaut32

SysAllocString

version

GetFileVersionInfoSizeA

gdi32

GetDeviceCaps

Sections

.text
Size: 30KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE