0e48eec4a7091c4d2774b166c12f8b5a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e48eec4a7091c4d2774b166c12f8b5a_JaffaCakes118
Size

62KB
MD5

0e48eec4a7091c4d2774b166c12f8b5a
SHA1

02409bcc11d6886d5727e273b81f68cb03b6d363
SHA256

c9a2fa513ee38e1b8108867c1b2769218f79506f7a3d464a7bb8141267a2e0b8
SHA512

5d6d2b78f98cab9029fa154c426a8ac6d88ecdb6d89676ddae93e0c201f722fa5d10a6c2d69cdb8dbe822d88ba31735fb31148c95bbb8a169db26839b1d8fa4b
SSDEEP

1536:6eFSVG0vWYe9IB10x8aM3DCE/THRK9WGCUR:yGMEiB102rP/+bR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e48eec4a7091c4d2774b166c12f8b5a_JaffaCakes118

Files

0e48eec4a7091c4d2774b166c12f8b5a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3cf3517a9a09bd187022be194a7c644f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

user32

CharNextA

oleaut32

SafeArrayCreate

urlmon

URLDownloadToFileA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.MPRESS1
Size: 55KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE