aa72e5fcdd916ae0064d820ef87d8ca9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa72e5fcdd916ae0064d820ef87d8ca9_JaffaCakes118
Size

179KB
MD5

aa72e5fcdd916ae0064d820ef87d8ca9
SHA1

077ca86894136386937b0ed875e4c00d5538a084
SHA256

c9f158eaf100a0b02b436d63d052ec94d278a329003efe8f814e0b48a30a2f4a
SHA512

b9efb18ddfce79c0f810411593c21820717f0a77c6e5a21b51615de345244dc22da6bbf41db6c68d193084a1bc241cbc28085a6bb8a86b5ec39753a10561880b
SSDEEP

3072:twKZntsD/lB7BxUspkNduutJChaZ0De0of4fBrtLyF/YDPDttOuKIP:twKZtsD/lB7oN7tJEof8tWOPDttOuKIP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa72e5fcdd916ae0064d820ef87d8ca9_JaffaCakes118

Files

aa72e5fcdd916ae0064d820ef87d8ca9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac777f0dce0489343b44e6b15487ba20

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

kernel32

SetFirmwareEnvironmentVariableW
LCMapStringA
GetProcAddress
LocalAlloc
LCMapStringW
InitializeCriticalSection
GetModuleHandleA
EnterCriticalSection
EnumResourceTypesA
SetStdHandle
LeaveCriticalSection
GetLastError
GetShortPathNameA
DeleteCriticalSection
LocalFree
GetSystemInfo
LoadLibraryA
GetStringTypeA

gdiplus

GdipCloneImage

winmm

timeGetTime
timeSetEvent

ole32

OleSave
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ