ff1b911d171826c6fd51acd694b05b9b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff1b911d171826c6fd51acd694b05b9b_JaffaCakes118
Size

23KB
MD5

ff1b911d171826c6fd51acd694b05b9b
SHA1

49be85c4d2645d480624486a58eb4757845fae2b
SHA256

3019bd384b71d23ee49e48b9c9bdde617642a1b163e1e96ba9c576c2ba265cec
SHA512

e70036352c6b5bc8e3e65dad24c2469f774dff14ece16ba594929f61dc6b649f6d95cda905cafcb7d43c43b1bb4a79840248598b0fe70ea4397bc7c4f209188f
SSDEEP

384:epmnYy9kjZ4UFh0myQuk7SDCAQHHFPmYgPoLarlNaMz5xdwO7Q7vvxlLxWWaW:eKFkyCvVD7SDGnNmZzaoVw57Dv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff1b911d171826c6fd51acd694b05b9b_JaffaCakes118

Files

ff1b911d171826c6fd51acd694b05b9b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

74917518e6d912a3b6afc320a0a11571

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

time

advapi32

RegCloseKey

ntdll

NtClose

rpcrt4

RpcEpRegisterW

wininet

InternetOpenW

ws2_32

WSACleanup

ole32

CoInitializeEx

Sections

.MPRESS1
Size: 18KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE