c7e7caf596fa56547df1336fee3c0640_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7e7caf596fa56547df1336fee3c0640_JaffaCakes118
Size

6KB
MD5

c7e7caf596fa56547df1336fee3c0640
SHA1

21a081405ba2a2b8977ab1a565aaa5b37cf1f51d
SHA256

a42d6ae8b46ba8bad6bac3c78e687100f3f4f4dee6fec000ad9258eb7e897d03
SHA512

b875412011aa72a9676c250843017f7179d86c54f09c28b3386171483459054958a52ccc61b590b291915ac5dd66da947a44e0562e0c33861a7b8a5a4615ffc9
SSDEEP

96:K68v3lbaXM71kNUb5rSA6pS4qB9hyobzNOMlU:K62VbvxkqdSfS4A9hyon0MlU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7e7caf596fa56547df1336fee3c0640_JaffaCakes118

Files

c7e7caf596fa56547df1336fee3c0640_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca00f00eb5bf6706fc6548d6047eb233

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
HeapFree
WriteFile
HeapAlloc
GetProcessHeap
CreateFileA
GetTempPathA
GetStringTypeA
RtlUnwind
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte

user32

GetDesktopWindow

shell32

ShellExecuteA

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetCloseHandle
InternetQueryDataAvailable

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 786B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE