f0466f63db57f3a629cb37a54de3e202_JaffaCakes118 | Triage

Sharing

General

Target

f0466f63db57f3a629cb37a54de3e202_JaffaCakes118
Size

171KB
MD5

f0466f63db57f3a629cb37a54de3e202
SHA1

d9d5be3efec8964b53c054e65c14e586b6196222
SHA256

e0bac03f4bf0f79e71fd185fee80fb310d35c6a73e0c19243d532df1767e9af6
SHA512

a7976767d282294c560348ea4d3be81b5d1025ee7b3c5b1740a2dfe2f01c4a07747fa8b01d85bbb640be79c813910154e7c85a9b06ed66df31926e6299f07b96
SSDEEP

3072:SX52abdMtQMSd1w9nRJYlgVxIN9h1PN84mOyWxe7T:q5nb3i9nRJ+gVE/88xen

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0466f63db57f3a629cb37a54de3e202_JaffaCakes118

Files

f0466f63db57f3a629cb37a54de3e202_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7841ce4849ba34bfcf19f1c81a1a9afa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

IsCharAlphaNumericA

advapi32

RegCloseKey

shell32

SHGetSpecialFolderPathA

ws2_32

shutdown

mpr

WNetAddConnection2A

iphlpapi

GetUdpTable

userenv

GetUserProfileDirectoryA

oleaut32

GetErrorInfo

Sections

.text
Size: 129KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE