cf57824cd1673827916aa6c6e7d17f17_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf57824cd1673827916aa6c6e7d17f17_JaffaCakes118
Size

107KB
MD5

cf57824cd1673827916aa6c6e7d17f17
SHA1

91ba77e0bc2a5000a5a12b331fce30093f3e1693
SHA256

29100cad2da5501d155b667175f42cf864d5493c046542970389f98cd49a468e
SHA512

2731289f157de4b0b5df3100f839ec4d6bad39560afbe92fd6135f4b45509c3eb83eb22490274c1e5a4816f5487db86cfd1ec3426b240e3efaba757cdd5c54b0
SSDEEP

1536:g7j4kl+txVQu4mrYPC0VnSg0QOqVzWkv9Ozywsys5qyky534gEnugv/jRkFqeQ9F:g7BCQMrsjVn/0QOGPv92yky5o/njRks

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf57824cd1673827916aa6c6e7d17f17_JaffaCakes118

Files

cf57824cd1673827916aa6c6e7d17f17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ffdf099e67c40e9c91ce17a9a596ae9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetICMMode
SetRelAbs
ResetDCW
StretchBlt
SetDIBColorTable
UpdateColors
SaveDC
TextOutW

shell32

StrStrIW
SHFormatDrive
SHAppBarMessage

urlmon

IsLoggingEnabledA
URLOpenStreamA
CoInstall
GetClassFileOrMime
AsyncInstallDistributionUnit
IsValidURL

Sections

.text
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE