412e2bd19c02100b9607c5e8ed400f85_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

412e2bd19c02100b9607c5e8ed400f85_JaffaCakes118
Size

32KB
MD5

412e2bd19c02100b9607c5e8ed400f85
SHA1

742d743ead6d2164e0a97f502815dec554676181
SHA256

dae0bcee0a070b00db6a5f54657cfdacd06f8be89fada0bd06539568e600f708
SHA512

e18659f1860696195147ad409210764d72f7229a06a69a4a944d2d2fc41910f37588b3b7ebc253b6e06c34eb8c5750b2697127a9abadc8d68ecc53deff62f01f
SSDEEP

768:Rf4nlXrKANygObiiay+WyjRJjCFkxzTIg3g3L6ua8JWAEu:tirIgDjCKxzTVg76ualAE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
412e2bd19c02100b9607c5e8ed400f85_JaffaCakes118

Files

412e2bd19c02100b9607c5e8ed400f85_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81e6a13ecabd65fa632631712355e6bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_controlfp

user32

IsWindow

advapi32

RegDeleteValueA

shell32

Shell_NotifyIconA

urlmon

URLDownloadToCacheFileA

wininet

InternetGetConnectedState

ole32

CoCreateInstance

oleaut32

SysAllocString

version

GetFileVersionInfoSizeA

gdi32

GetDeviceCaps

Sections

.text
Size: 26KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE