Static task: static1
Behavioral task: behavioral1
Sample: 278fa4957e7ee87a33fddb1be29791ff_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 278fa4957e7ee87a33fddb1be29791ff_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 278fa4957e7ee87a33fddb1be29791ff_JaffaCakes118
Size: 42KB
MD5: 278fa4957e7ee87a33fddb1be29791ff
SHA1: 1094f4dbd8fc077eeba6986018dd17cefaf92252
SHA256: fed2da083442648e0ab6ca143a5163ae1113a00b73920b41dc07440e3b6a4ad5
SHA512: f64d0b146d159fdebff1ab814d4c5abeb94dad62b4706e71996708e4829cb913ac1ee42f0590ca70094a1bd94262f1d4c3998e96f002d6f15305cc953cdbfeb3
SSDEEP: 768:rppWsMo8MeEDVWkcQjfiLzP674J52B7X07OJbzdXoiPgtPErj6owlcKe:rruoMLiaLzY4J247ONdfgw6jlj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 278fa4957e7ee87a33fddb1be29791ff_JaffaCakes118
Files
278fa4957e7ee87a33fddb1be29791ff_JaffaCakes118.exe windows:4 windows x86 arch:x86
af18edfbeda3e98cb153e9d26db3431d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree, ExitProcess, GetModuleHandleA
msvcrt: _except_handler3
user32: DispatchMessageA
gdi32: CreateSolidBrush
advapi32: RegDeleteKeyA
shell32: ShellExecuteA
urlmon: URLDownloadToCacheFileA
wininet: InternetOpenA
ole32: OleRun
oleaut32: SysAllocString
version: GetFileVersionInfoSizeA
Sections
pec1 Size: 35KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pec Size: 1KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE