fe410491b60406afea9cde831f7f49fc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe410491b60406afea9cde831f7f49fc_JaffaCakes118
Size

8KB
MD5

fe410491b60406afea9cde831f7f49fc
SHA1

5e3e2088f2b0374f26e4d094d678c9c027756636
SHA256

aeae85802558ae1838906c5e45164b4ad1ea00fe3516c24587b5ba830f3ddd1a
SHA512

686fb560f00808c1ba0a0ae2ecdf4c9f9c814cb594275c8b2ff93e1fddcbd81dac5397a149293f7ea8f3b9492df31f738c2e41d3b3b853be4e9a5925ca68214c
SSDEEP

96:Z13yfgCW8pvXYwkF3Nm/jbYJV2agFxcYONfeZEWVArvU3mONfeZEWV4+xF9p:wgCWSvXYwkFdmgqHFqNeTL3TNeT4+vD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe410491b60406afea9cde831f7f49fc_JaffaCakes118

Files

fe410491b60406afea9cde831f7f49fc_JaffaCakes118
.exe windows:1 windows x86 arch:x86

eaf7c7d778b427cc143d8eb209c5f6e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
CreateProcessA
ExitProcess
FormatMessageA
GetFileSize
GetLastError
GetModuleFileNameA
GetStartupInfoA
GetTempFileNameA
GetTempPathA
GetVersion
GetWindowsDirectoryA
LocalFree
MapViewOfFile
MoveFileExA
RtlMoveMemory
Sleep
UnmapViewOfFile
WriteFile
WritePrivateProfileStringA
lstrcatA

user32

MessageBoxA
wsprintfA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle

Sections

.text
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ