0900b279afc2d75450efe0df0ed6d179_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0900b279afc2d75450efe0df0ed6d179_JaffaCakes118
Size

52KB
MD5

0900b279afc2d75450efe0df0ed6d179
SHA1

71899c5e478609428ea619b9d57148b1c5360729
SHA256

02436c5a840331c0670372ce496601a3af79cfb90253d954885e59992abf80c4
SHA512

1345c53753fd85828012391e66b1bdf8617a0a453e4c38216f49ed884598d91df6b0dc219e665fd73e1f2d6f924d154c71ba66880f54b9153df8933a19941aa2
SSDEEP

1536:EnDTVI6KOK0UkQDYT6iodebfqebvMxWQ:c9u0Pcdd98vM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0900b279afc2d75450efe0df0ed6d179_JaffaCakes118

Files

0900b279afc2d75450efe0df0ed6d179_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c71388e384fa8d26ecec1f0da9a7e67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToCacheFileA
ReleaseBindInfo
CompareSecurityIds
DllRegisterServerEx

ntdll

LdrShutdownThread
ZwSetInformationProcess
KiUserCallbackDispatcher
LdrLockLoaderLock

Sections

.text
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE