af2a1025d5de6fd6d79b9598fd672fbd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af2a1025d5de6fd6d79b9598fd672fbd_JaffaCakes118
Size

15KB
MD5

af2a1025d5de6fd6d79b9598fd672fbd
SHA1

e0dad31dbaefe74e328b3c08a2e5d0803fa4ea80
SHA256

499d1cbc806b038b6cc311c4a760357b29aa963a97fc66d2fb4544ab5c4e5770
SHA512

67d19119ce483d5d7c25ad016b53e0e166a781674c8168c929a45f543797953d305f83ccf81d10c13b69991a8ceaa43686759648598b6928e271223568c86578
SSDEEP

192:nGqagu4AocIwzoIU1jv1sUvMhmHPkp/r2psJXw/NpRhdEg3I2X5f5UmC:ruDojmgjv1pvMhqPkBiRhdNe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af2a1025d5de6fd6d79b9598fd672fbd_JaffaCakes118

Files

af2a1025d5de6fd6d79b9598fd672fbd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

53d38934b04cf79a8da2f48b76d56e2f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

mfc42

ord3262

msvcrt

??1type_info@@UAE@XZ

user32

PostThreadMessageA

comctl32

ord17

ole32

CoInitialize

oleaut32

SysAllocString

urlmon

URLDownloadToFileA

Exports

Exports

HookProc

Sections

.text
Size: 10KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE