0fe767993f319e88c3c4a6981ef96ca5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fe767993f319e88c3c4a6981ef96ca5_JaffaCakes118
Size

512KB
MD5

0fe767993f319e88c3c4a6981ef96ca5
SHA1

a17e92af528b89db0100a794fb93143ad2a56a0c
SHA256

5e8a085ea72adcaed5392bc78a66c152cc1019fdf3898d4dcad7ed35d08ff55f
SHA512

b8bcd6ad45c2bd0c23bcf424b001d094dbeb87d0a9cfcfc42234428607d617992c9ea4dd4be9d019e97df1d2d831cfe96ac22a8c8bec1f2aa7b54ddab576afa8
SSDEEP

6144:whG6p5yijEdsvPubxxjL5FhCIPfQwypMkVphi:yxfXAG3WhBPfQwypRVm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fe767993f319e88c3c4a6981ef96ca5_JaffaCakes118

Files

0fe767993f319e88c3c4a6981ef96ca5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93a7c2fa2008070d9c44009f06e64136

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

urlmon

URLDownloadToFileA

wininet

InternetCloseHandle

advapi32

CloseServiceHandle

comctl32

ImageList_Add

gdi32

BitBlt

user32

ActivateKeyboardLayout

winmm

timeGetTime

ole32

IsEqualGUID

oleaut32

SysAllocStringLen

Sections

.text
Size: 195KB - Virtual size: 564KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE