ed7f21ccf1a6a18e1062a4c80dbbca62_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed7f21ccf1a6a18e1062a4c80dbbca62_JaffaCakes118
Size

170KB
MD5

ed7f21ccf1a6a18e1062a4c80dbbca62
SHA1

e283d48a8f7ba557ac7330bcb13578964424f81b
SHA256

0e0265ba19e5c3538f2a7d3635ba56f8b2157a314ef7ee37704e1b141d94d77e
SHA512

7065372a503abf6905b2f027fa7c82d0a3edbbb9a4e27a9fae2f005a48d1629a545ffb22416677579bf3c851f22be86408ace6b41ae0a54df47b7e9926ee7989
SSDEEP

3072:EWnH+72xFxu/NDmiuQZJltLYb6+Iebi+VarVZi6RZYfN5k0GV9vMhqyamr4:veyxXu/ISa0eapZpZY7tGVVx0E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed7f21ccf1a6a18e1062a4c80dbbca62_JaffaCakes118

Files

ed7f21ccf1a6a18e1062a4c80dbbca62_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f6ced02617181defbf7e17c76a9427b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
DeleteCriticalSection
TlsSetValue
WriteFile
Sleep

advapi32

RegQueryValueExA

oleaut32

SysFreeString

urlmon

HlinkNavigateString

Sections

.text
Size: 23KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE