JaffaCakes118_0a4a0bd4dfa4de8b5660b665cbc363ed | Triage

Sharing

General

Target

JaffaCakes118_0a4a0bd4dfa4de8b5660b665cbc363ed
Size

69KB
MD5

0a4a0bd4dfa4de8b5660b665cbc363ed
SHA1

386b3f57da5fd28afac2dc2b432572fd02ebc37a
SHA256

94628faa8a5c7fd1da375dff7495a38d063eee0342557fb963e99a26ed900e5f
SHA512

609c35d257ba8b118fbbaa39c3656cec27c1c3ea6640474caf3184ae62cede7fbe72c5781d82bad2c01f8b6d3f6ff7e942eb0480b4d82f6cae43b47b9977ad53
SSDEEP

1536:LDd/id3T08/8/xJGQJ0Jva0RiZItQ+JWSDg7phvfV:9a37BQJ09Z46tX1DgFhvd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/logs/modified_files/C/syspuxm.exe/syspuxm.exe

Files

JaffaCakes118_0a4a0bd4dfa4de8b5660b665cbc363ed
.zip
logs/modified_files/C/syspuxm.exe/syspuxm.exe
.exe windows:4 windows x86 arch:x86

985d00c1ed546d1fcbd971e1cc15a5c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
GetTickCount
lstrlenA
GetPrivateProfileStringA
ExitProcess
Sleep
CreateThread
GlobalAlloc
SetErrorMode

user32

MessageBoxA
wsprintfA

urlmon

URLDownloadToFileA

Sections

.text
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE