52b1e5e8beb2695bbddd1e699bbc14ed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52b1e5e8beb2695bbddd1e699bbc14ed_JaffaCakes118
Size

67KB
MD5

52b1e5e8beb2695bbddd1e699bbc14ed
SHA1

5bad34945078a8bb4e3caca09d05923525494c27
SHA256

d2a468026a8a614ed0c8f6c730c83e561ecad2613be8caf011496be1b8771a16
SHA512

362caad12cb1b917d839df38b8062271a5c177a1a1bb9c93c4a9415991258151bb5fe9fe1e7f660a2a34f9eafba0a7efc21ebab39a3e9052b34f5c6f2813ed91
SSDEEP

1536:/jl5VeEWYiU9FHBfXpyZc/rbyX0qvNRemHS98o:/x5V3WYrBXpGczb00sS8o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52b1e5e8beb2695bbddd1e699bbc14ed_JaffaCakes118

Files

52b1e5e8beb2695bbddd1e699bbc14ed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77eb0c164090eeb15303c2f6d8bf8bef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

FaultInIEFeature
GetClassFileOrMime
CoInternetParseUrl
ReleaseBindInfo
URLOpenStreamA

comctl32

ImageList_DragEnter
DrawInsert
ImageList_Remove

user32

CreateDialogParamA
CreateWindowExA
MessageBoxA
MessageBeep
DestroyWindow

kernel32

BackupRead
DuplicateHandle
CommConfigDialogW
CancelIo
EnumTimeFormatsW
ExitProcess

msvcrt

memcpy
memcmp
strstr
strlen
strcpy

Sections

.text
Size: 41KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 512KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE