0bcc70fdbc368747f1cb578b58195796_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bcc70fdbc368747f1cb578b58195796_JaffaCakes118
Size

52KB
MD5

0bcc70fdbc368747f1cb578b58195796
SHA1

5cbe3dcbefc37e19da274e38cb4ccffba837b496
SHA256

9be853f658ec28087aba6980aab37f6e6c7e15901cb375816ccabe14c244266b
SHA512

54d5a567e068dea9e09e0d673fe95fac5e3473b033dba4f9d74bcf5f08ee1e14252036478f8a0b3bb92894ef835b35eb8ebbbda97cbbceae072a6bc1d3b4c247
SSDEEP

1536:VWXV3HT3l8J9zpqXd5SHLazglpxGu+8vs:4XV3z3l8J98oez0p6w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bcc70fdbc368747f1cb578b58195796_JaffaCakes118

Files

0bcc70fdbc368747f1cb578b58195796_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c71388e384fa8d26ecec1f0da9a7e67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToCacheFileA
ReleaseBindInfo
CompareSecurityIds
DllRegisterServerEx

ntdll

LdrShutdownThread
ZwSetInformationProcess
KiUserCallbackDispatcher
LdrLockLoaderLock

Sections

.text
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE