42c36431a380e415e7184be1c8f348ce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42c36431a380e415e7184be1c8f348ce_JaffaCakes118
Size

162KB
MD5

42c36431a380e415e7184be1c8f348ce
SHA1

a8b6cf1dd4b73685a5e37eed686cebbb380bb71f
SHA256

c1f95438e81a0633b6fa9fbec31c22a9e3717158e0f40d2c8266328fbefe4cfd
SHA512

87553c1fd0be886e6a524886512508e5cbcf47e88a39ecea3a061b42457ee1749fc5324b3acac2a248675a0dd7b053c6a81b8a1e4eaf33ab6ab43f7dcdb70b3f
SSDEEP

1536:kS3GTOjFDKrZS3GTOjFDKrZS3GTOjFDKrZS3GTOjFDKrZS3GTOjFDKr:kS37DKZS37DKZS37DKZS37DKZS37DK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42c36431a380e415e7184be1c8f348ce_JaffaCakes118

Files

42c36431a380e415e7184be1c8f348ce_JaffaCakes118
.exe windows:1 windows x86 arch:x86

4171146cb962e3627f1a9bd22db00bb6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

Extract
CreateAsyncBindCtx
ZonesReInit
DllCanUnloadNow
IsAsyncMoniker
IsValidURL
URLDownloadW

wsock32

WSAStartup
htonl
SetServiceA
gethostbyaddr
listen
accept
bind
htons
sethostname

Sections

��t
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE