aa5431007b3fbb42d694f0e10fe6b03b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa5431007b3fbb42d694f0e10fe6b03b_JaffaCakes118
Size

15KB
MD5

aa5431007b3fbb42d694f0e10fe6b03b
SHA1

95e8f686447a19403a8c352e0ff0bbe8774b448a
SHA256

46c0285bf2497a854eba5287424308d9704250bc1117aacad4cfa386e094377c
SHA512

0d6cc09a17dca29657f35dff5a05f826bc9fadd0c7675d254ad42a0ac56d20048001c9b0aa293eb4c146777f9680f90472b81ba2c38862c8171f1d31a6f8b60e
SSDEEP

384:9cWnmjeJrD1GzeBAR/dSXSPX4m5NcmvKI0ilnN:GErD1GzZVua4eSI0in

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa5431007b3fbb42d694f0e10fe6b03b_JaffaCakes118

Files

aa5431007b3fbb42d694f0e10fe6b03b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f37f71f5cd4574289bc41929b475e022

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ole32

CoCreateInstance

oleaut32

SysAllocString

msvcrt

freopen

ws2_32

htons

user32

PostMessageA

wininet

InternetCrackUrlA

shlwapi

SHSetValueA

msvcp60

??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z

Sections

.text
Size: 13KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE