01f56937e84ad62909f31d9dbb23de21_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01f56937e84ad62909f31d9dbb23de21_JaffaCakes118
Size

131KB
MD5

01f56937e84ad62909f31d9dbb23de21
SHA1

b93e33930aa6fdf7c8146508d0c5af56af4d3c24
SHA256

e5d0f7a4549e6f23b5198eee95b7853f6b7998f110214a0ddad815a655c5c17e
SHA512

83e19543577034c2468d7db1e932d7fd08a3a43887e8cf55ff90d5140bb937beea8ce4a36ba4cb670434ebff67317d116b51d2582379eb8dcf5c0e8617053f42
SSDEEP

3072:sXZJ9u8GG8GH8l1c55AzSqTUt/zfzSMUHWZqJkhUE52CS7njRG:sXVfngaPITM/zfeD2TF88

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01f56937e84ad62909f31d9dbb23de21_JaffaCakes118

Files

01f56937e84ad62909f31d9dbb23de21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d7d677376ef43471714277b055d53a2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

IsValidURL
RevokeFormatEnumerator
SetSoftwareUpdateAdvertisementState
URLOpenBlockingStreamW
WriteHitLogging

msvcrt

_clearfp
_close
_commit
_commode
_control87
_copysign

kernel32

CreateMutexA
CreateNamedPipeA
CreatePipe
CreateProcessA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE