e24a9f05a6de6de56699c5816b769778_JaffaCakes118 | Triage

Sharing

General

Target

e24a9f05a6de6de56699c5816b769778_JaffaCakes118
Size

62KB
MD5

e24a9f05a6de6de56699c5816b769778
SHA1

49ef5d7447dbfb8a433d810cb5b01a6f13c94c16
SHA256

a15e8d04dd3b8cc47cf5150070688ad125cd66fc076bdad3c68b1f2e78d86363
SHA512

1c758d0aa1fa671f1d9b6a43fd9079be50d0d09c2cf522800370eace534a984a7e656a7c939880e08d3e5be2f701f92d56eed5d6fe4dc81aea40d24f7fdb5c0e
SSDEEP

1536:K8rT+onNbyXs8StJlUUInB8Wra8GpK1SvNfB4:NrionNbgTElE1rN+hlfi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e24a9f05a6de6de56699c5816b769778_JaffaCakes118

Files

e24a9f05a6de6de56699c5816b769778_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd321b1e97ddda73ac525120a887a6ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

urlmon

URLDownloadToFileA

advapi32

RegCloseKey

shell32

ShellExecuteA

user32

CharNextA

oleaut32

SysFreeString

Sections

.text
Size: 56KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE