d21e3339a47aeac2c2184698178240f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d21e3339a47aeac2c2184698178240f9_JaffaCakes118
Size

20KB
MD5

d21e3339a47aeac2c2184698178240f9
SHA1

06a35ca34810d970f91d88e029119f82e21e03fd
SHA256

dd10f36cb6bbb5c5f4fdd920a992abda172a65a9a91ebd90ae940ca627a07b16
SHA512

61989ad59f2b6f9a0ff9731e8c8ddd9d9cdad021a5f2b76c6be9af80b9b477855ca9205ffe1ffab75adaa1ae8233741c66904a5ef6ad624329c9482e19e295f7
SSDEEP

384:ySNUJYb9eVFK2dbl1LN7W7NE+IAaFREbpyYGOF:ydJG9eVB1h7WBMEgI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d21e3339a47aeac2c2184698178240f9_JaffaCakes118

Files

d21e3339a47aeac2c2184698178240f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4bccbfb1617824748b7eb8757fcf556

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

DeleteUrlCacheContainerA
DeleteUrlCacheContainerW
FreeUrlCacheSpaceA
ForceNexusLookupExW
FtpOpenFileA
DeleteUrlCacheContainerA
DeleteUrlCacheContainerW
FreeUrlCacheSpaceA

comdlg32

GetOpenFileNameA
LoadAlterBitmap
dwOKSubclass
dwLBSubclass
PageSetupDlgA
ChooseFontA

kernel32

DuplicateHandle
ExitThread
TerminateThread
WriteFile

Sections

.text
Size: 13KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE