3f936ef89f0f110abf7c32a6633f1f7a_JaffaCakes118 | Triage

Sharing

General

Target

3f936ef89f0f110abf7c32a6633f1f7a_JaffaCakes118
Size

10KB
MD5

3f936ef89f0f110abf7c32a6633f1f7a
SHA1

25c4758a294c5ca5b81e2d364ceddc7c853d4f06
SHA256

715455d8e64bf65b0f941502c0cda605eb918cb7714bb19456be698940e6df32
SHA512

6c5e1a8d09bed6c226e0afb8ff57cee804ef4dbba67b175fca31be394605992de2d3d16a7931ea832793293b1511c62aa84d8a886a0acdb629041170b2c871fb
SSDEEP

192:UOll0ABRnRR0n5+YO57Q70mOJZHuw90ZUk:UuJRR0n0JZOW0Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f936ef89f0f110abf7c32a6633f1f7a_JaffaCakes118

Files

3f936ef89f0f110abf7c32a6633f1f7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

924c0fe2c60eb589f373b76b9b3d0c4f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\IcyHeart\Documents\Visual Studio 2005\Projects\Down\release\Down.pdb

Imports

kernel32

Sleep
HeapAlloc
ExitProcess
HeapFree
GetVersionExA
ReadFile
WinExec
GetSystemDirectoryA
CloseHandle
CreateFileA
GetFileSize
lstrcatA
DeleteFileA
lstrcpyA
GetTickCount
GetProcessHeap
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
RtlUnwind

user32

wsprintfA
LoadCursorA
SetSystemCursor
GetSystemMetrics
CopyIcon

wininet

InternetOpenUrlA
DeleteUrlCacheEntry
InternetCloseHandle
InternetOpenA

urlmon

URLDownloadToFileA

netapi32

Netbios

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Darkst
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE