bd601a6b2624d885bdd7c18cdecdad17_JaffaCakes118 | Triage

Sharing

General

Target

bd601a6b2624d885bdd7c18cdecdad17_JaffaCakes118
Size

48KB
MD5

bd601a6b2624d885bdd7c18cdecdad17
SHA1

0e8b6f774b7a8dc17cee3a4198c5d755fef0b042
SHA256

8ab4fbe01422eeacdb7373fb15c3a62bfb8aeac3a6f0e6dd8c4ce0b7adac521e
SHA512

33f7afc526013bf237ff6483cb5bf868865474ffd38c81ea15714ee93c3a03ffb5d9b4d4a65183ec06e4922cf76a4d7016e8094afa9bd233c62bbba2d23eb7c1
SSDEEP

768:BExKQsprbLP9sRa/+x8SyWH1HgjSmrJEcWdsdILZaCDHxj7BOjM5ofC450rKr:exK9uRaWx8SyWH1HerVDILZzRjD6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd601a6b2624d885bdd7c18cdecdad17_JaffaCakes118

Files

bd601a6b2624d885bdd7c18cdecdad17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4bccbfb1617824748b7eb8757fcf556

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

DeleteUrlCacheContainerA
DeleteUrlCacheContainerW
FreeUrlCacheSpaceA
ForceNexusLookupExW
FtpOpenFileA
DeleteUrlCacheContainerA
DeleteUrlCacheContainerW
FreeUrlCacheSpaceA

comdlg32

GetOpenFileNameA
LoadAlterBitmap
dwOKSubclass
dwLBSubclass
PageSetupDlgA
ChooseFontA

kernel32

DuplicateHandle
ExitThread
TerminateThread
WriteFile

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE