f9f45d8600d9e75224da157322d7905b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9f45d8600d9e75224da157322d7905b_JaffaCakes118
Size

36KB
MD5

f9f45d8600d9e75224da157322d7905b
SHA1

8996993c6de32a8d0f4eef069b056e5a1b409710
SHA256

dcb2a0be5a4d9af2bdf66e2f8c56c5b072d1f479525c08120f056166bf0a7dc7
SHA512

2f8b1f7f1437cc9c3ffe3c2d770af62ebaee0fd0982bde0e36ba6788cf87e9c4d6671888f6889894af7080dc67095a5ce17de344f28b484228c78ece23575b32
SSDEEP

384:R2U5WERHCdGM+JgmyATS7+9DGqBOy7TngAremoZ:R2U59Rij+rByTwTgmemo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9f45d8600d9e75224da157322d7905b_JaffaCakes118

Files

f9f45d8600d9e75224da157322d7905b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1c77477b1acd14622dc4b9400334c42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

kernel32

GetVersionExA
GetStringTypeW
GetStringTypeA
LCMapStringW
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE