d517f5a34f1e3fd285091a4f678d0a44_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d517f5a34f1e3fd285091a4f678d0a44_JaffaCakes118
Size

31KB
MD5

d517f5a34f1e3fd285091a4f678d0a44
SHA1

466f72b732da9df70d915ad27e8a9e5a432a5645
SHA256

a3e18a60e6660cf0d4d7ae96085175a8c2f5ab5b61081f50ef0baaeea42cdae0
SHA512

21954b04fa24c896cbfe66c9d08cb220aa7f474373b33af2bc1e4b60c02c77cff13d7b8a2ea7693f0630502a84edd00c02fdb53c876e0ef05eaf5d5423a28cdb
SSDEEP

768:dejsRtXicZrwtWxAp/ZH3Fq9dqdievuRNc:dHMMoHcedi3RS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d517f5a34f1e3fd285091a4f678d0a44_JaffaCakes118

Files

d517f5a34f1e3fd285091a4f678d0a44_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a3d47edeeb62d8e177bae6a42924e37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlEscapeA

kernel32

SetLastError
SetErrorMode

msvcrt

malloc
free

winmm

auxGetVolume

Exports

Exports

unocznoqg

Sections

.code
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 393B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ