da10dd00d0be8ab1df9a04b0d132a4c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da10dd00d0be8ab1df9a04b0d132a4c2_JaffaCakes118
Size

48KB
MD5

da10dd00d0be8ab1df9a04b0d132a4c2
SHA1

6ef257d503d4d0073bfa8c728b9eec8ca6a5d782
SHA256

9cc56fd619d6f2404c15d8040da3843cd4024de03c881cd6a543c9966bb201af
SHA512

4567e2770792b5f4d8cb1f1f059a9a1feabcd5ed9ad078b0ce556c607db50b6b9be248c83e536014b4e357e5ec354078775d1865102fd213b1f1dca006b922db
SSDEEP

768:6RDTEaIDzvXQtCfxPwZJ0/QwWb0CziYvNdWdt6GCu:InWDzvgtCfoB+YLk4GCu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da10dd00d0be8ab1df9a04b0d132a4c2_JaffaCakes118

Files

da10dd00d0be8ab1df9a04b0d132a4c2_JaffaCakes118
.exe windows:1 windows x86 arch:x86

dc1a6c14180164278e43cc164d721a54

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htons

wininet

InternetCloseHandle

shell32

ShellExecuteA

kernel32

GetProcAddress
GetModuleHandleA

advapi32

GetUserNameA

crtdll

__GetMainArgs

Sections

.text
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 93KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE