d320d44c99016bfba2c2b4d13839566a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d320d44c99016bfba2c2b4d13839566a_JaffaCakes118
Size

107KB
MD5

d320d44c99016bfba2c2b4d13839566a
SHA1

81ce93f416289917486da89411c34062274dc36e
SHA256

bcc778baa8f884e858ddee155e58928b1b7df92f08cdd1f9470ac6c4359d9da2
SHA512

581457432acc1ca71d13d6731ecaa8334c24778ff9b184c3d77eb275503b52f76a48d6f7edd5e754ee3cf96c2965cdbefe1e4321ae5d2f3fb71e54a88446cdb8
SSDEEP

3072:079xjW2Xr/LoDzD1uX8RYzgBTxYfLBIuts3YqHeAy:Y9xjW2XDLovR+mxyfvA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d320d44c99016bfba2c2b4d13839566a_JaffaCakes118

Files

d320d44c99016bfba2c2b4d13839566a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6572d4e297ed25c0c0138e69b59e7ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLOpenStreamA
IsLoggingEnabledA
CoInstall
GetClassFileOrMime
AsyncInstallDistributionUnit
IsValidURL

gdi32

SetICMMode
SetRelAbs
ResetDCW
StretchBlt
SetDIBColorTable
UpdateColors
SaveDC
TextOutW

shell32

StrRChrIW
SHFormatDrive
SHAppBarMessage

Sections

.text
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE