cf5255405c77328c82649d39eedc9917_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf5255405c77328c82649d39eedc9917_JaffaCakes118
Size

21KB
MD5

cf5255405c77328c82649d39eedc9917
SHA1

2584fe0777247e5a13021c44d317b59512f8c28d
SHA256

2488526804f62debd68101b704bbecfa39b9f1c43e4953313e339e5f934e8ea6
SHA512

b8ff8881506b172038adc3468a30dce9fe8fbda5b8fd02713d7249a91d4ec4c288355f9a3d79275cd1daadbd07ccb7b71211f1e1905fa0169a86e29f805d6aaf
SSDEEP

384:9X/DoaRutSLKMuCoBW3kb6+Hh08MK1ZMD2217YudP0Qk3CL1TxkNKTFE2PqfJOM2:9zCSLTuiu6R8MK167kudP7YfKcOX7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf5255405c77328c82649d39eedc9917_JaffaCakes118

Files

cf5255405c77328c82649d39eedc9917_JaffaCakes118
.exe windows:4 windows x86 arch:x86

872baeee08aa5ad22f6715442499f04b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharToOemA

advapi32

RegQueryValueExA

shlwapi

SHSetValueA

ole32

CLSIDFromProgID

ws2_32

send

wininet

InternetGetConnectedState

msvcp60

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

oleaut32

SysAllocStringLen

msvcrt

_except_handler3

Sections

.text
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE