cf24dce1262946f4b60f809f5c3a88ab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf24dce1262946f4b60f809f5c3a88ab_JaffaCakes118
Size

4KB
MD5

cf24dce1262946f4b60f809f5c3a88ab
SHA1

e6d069e9abaa58d98e438db93f9e6e3b6d182361
SHA256

5d2d748f967f86891be77af11cfd60aa3964925c74ad6929afaeff1fadefbd1f
SHA512

f4d67d371f45af86ee787f9f75a2f646c22cb5d31d479ea60c324d58bbad2c6dee67f5ad280ff5195ce6b97bb77563d3d464b0f83db5331dd19f53236dac37cc
SSDEEP

48:a/68t2EGl+QDr6yQYXbHf6ygizkdzt2ES0T3jHQCEiYVmfbYajD88:64XHx/6ya9njJENQXf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf24dce1262946f4b60f809f5c3a88ab_JaffaCakes118

Files

cf24dce1262946f4b60f809f5c3a88ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed80a8b3c107d2e505d5b2a7c2280a1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetTickCount
HeapFree
HeapAlloc
GetProcessHeap
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
CopyFileA
GetModuleFileNameA
ReadProcessMemory
VirtualQueryEx
OpenProcess
CreateThread
SetUnhandledExceptionFilter
GetLastError
CreateSemaphoreA
GetCurrentThreadId

user32

wsprintfA
FindWindowA
PostThreadMessageA
GetInputState
GetMessageA

shell32

SHGetSpecialFolderPathA

iphlpapi

GetTcpTable

ws2_32

htonl
inet_addr

wininet

HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA
HttpOpenRequestA

msvcrt

_stricmp
_strlwr
strlen
memcpy
memset

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE