a74c3902ef886de8e150f4c4dff51d8f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a74c3902ef886de8e150f4c4dff51d8f_JaffaCakes118
Size

78KB
MD5

a74c3902ef886de8e150f4c4dff51d8f
SHA1

8e8d73e1610ca66cc1ae4d0f0b248f21f2a455c2
SHA256

11d298abd2b1c068534df0c6ee6947e5c3c7f4bccfe7360b19b2a3b6c3942ffe
SHA512

262d8dd97d78f48254a09a6f4ccbcfcd181a03e6ad76597e7222ab9a49947c5a30a8937ad98cd1315f03318c129330448ab0637f5fc6df512bf2d649143c6a9c
SSDEEP

768:rDhwI8C7DlU6XOrhxF7DOXY6uQ3PWB3TTsCMfUhjlpRNpzPP81YPg6w6mqkZScSX:eG7DS6Xkhp6uQ+NTO4NgqPkMdoN+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a74c3902ef886de8e150f4c4dff51d8f_JaffaCakes118

Files

a74c3902ef886de8e150f4c4dff51d8f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

71497285b920ff8cd289e96f87d284a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

CharNextA

advapi32

RegCloseKey

oleaut32

SysFreeString

urlmon

URLDownloadToFileA

Sections

.MPRESS1
Size: 51KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE