Static task: static1
Behavioral task: behavioral1
Sample: d42a38669cc31ee0a1d458093e426265_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d42a38669cc31ee0a1d458093e426265_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d42a38669cc31ee0a1d458093e426265_JaffaCakes118
Size: 188KB
MD5: d42a38669cc31ee0a1d458093e426265
SHA1: a468d210fb2b0f9ceb891a70c5631aabc635812c
SHA256: c030829fe107686723df6dd4a152a8939378304845588001f887465013113fc6
SHA512: 103246d929c545d6ca424606bb905a6fb47f1bdf3c29cf1d42f519d0b8a6f7830878367209581520c4b13f0b7d5614f3b375ae97f76654376affe556bd5e7df4
SSDEEP: 3072:WCqW/J61ApDMXLV3KSUeGHQMR3wkwcnKXB3s/6pUWid3t3QxkaCj:WvW/J61353KdoAwkwcKXB32WivAxka
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d42a38669cc31ee0a1d458093e426265_JaffaCakes118
Files
d42a38669cc31ee0a1d458093e426265_JaffaCakes118.exe windows:4 windows x86 arch:x86
fecf752b90fde21484fed115ad76acbf
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle
winmm
timeGetTime
timeSetEvent
gdiplus
GdipCloneImage
ole32
OleTranslateAccelerator
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
kernel32
LocalFree
InitializeCriticalSection
SetFirmwareEnvironmentVariableA
DeleteCriticalSection
LoadLibraryA
GetLastError
EnterCriticalSection
GetSystemInfo
GetModuleHandleA
EnumResourceTypesA
GetProcAddress
LocalAlloc
GetShortPathNameA
LeaveCriticalSection
LCMapStringA
LCMapStringW
SetStdHandle
GetStringTypeA
Sections
.text Size: 120KB - Virtual size: 119KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ