39bb350faa2cbee1bb11435df7b36b76_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39bb350faa2cbee1bb11435df7b36b76_JaffaCakes118
Size

81KB
MD5

39bb350faa2cbee1bb11435df7b36b76
SHA1

60692020677f4d47283850f93fa661d0c3ae4251
SHA256

cf4ea0a83010d77ae1c13a4b81fcc28650bb9ceb0f8ae24af283fe035fd6ba51
SHA512

485655e0336e52cacb2fe09ae5466da613dc0de4f6adc8baa39e37310b1f7b770dca425b843d36cc0bbe51ad5dfdbc4b918675f55be2bb8218d62e2d5f158d4f
SSDEEP

1536:tU8pMW4tFRKKBnY20UTVaMwOT6UoVadbnjCJ5Pmpe08FOzRHR7aV2VKo:q8KW4tfjBnD5w27jCJ5PmvzRHR7Co

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39bb350faa2cbee1bb11435df7b36b76_JaffaCakes118

Files

39bb350faa2cbee1bb11435df7b36b76_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1cee19ab8362e137818ed4aa9007ddb4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

msvcrt

abs

user32

LoadImageA

gdi32

CreateFontA

advapi32

CryptAcquireContextA

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

wininet

InternetReadFile

version

GetFileVersionInfoSizeA

ole32

CLSIDFromString

oleaut32

SysFreeString

Sections

pec1
Size: 52KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pec
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE