d72d5b20604254848d0cdd51b1c3de01_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d72d5b20604254848d0cdd51b1c3de01_JaffaCakes118
Size

250KB
MD5

d72d5b20604254848d0cdd51b1c3de01
SHA1

3f7202331330f1c1ba7dbdb5a4a37997f76e72f6
SHA256

6ad47e5dfb5d6c563bbf727570e6dfac849152a3cf19579a67fdfca2dcf1a1d1
SHA512

dd82d6b5c1bead130cf864122b1e1c1b667125894f0d463041c04b31057c9424ceefc0c1da88cedff02687705deb9d85f4fcb39eb28c140fa692447ccf276b8a
SSDEEP

6144:+KXuawUwXfqd9pLpa1UFu0OAPpJoPMSAJ:+R9Sd9ptaWkAhWESA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d72d5b20604254848d0cdd51b1c3de01_JaffaCakes118

Files

d72d5b20604254848d0cdd51b1c3de01_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e1d2ecea109ad5b0fe85a7bcd47742ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_itoa

shlwapi

PathFileExistsA

user32

GetActiveWindow

ws2_32

closesocket

oleaut32

VariantChangeTypeEx

Sections

Size: 243KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE