fd15af95413a06f22a83371b3af6b7cb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd15af95413a06f22a83371b3af6b7cb_JaffaCakes118
Size

368KB
MD5

fd15af95413a06f22a83371b3af6b7cb
SHA1

a40e42b0bfc597adef95cd9560445d2fa4fc88b4
SHA256

6a27c980ee28e71da1da9d929cef5c01ec1a6404c9cdbe9fdea1b0b3d92ab0c5
SHA512

ee2dd67468990d8cf2579ea7fbd2dc8c740759267c2a9130cfe01bae386250be436d3721544feaafb27a24608b463e3e89009cecf76f8747f5ee7598c5c15c5c
SSDEEP

6144:vw/zGvxRR8gSao0r1j4Qsv/1nhamGdnkpi8sCPfdcDHc5f0KTTUS73Qj0/jXl2bv:vcGPR8t0tsvNhamGOiL0dcIf0FS73Q8C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd15af95413a06f22a83371b3af6b7cb_JaffaCakes118

Files

fd15af95413a06f22a83371b3af6b7cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0cd52cbbac26aa0c1dc23fe7a2dd04e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
CreateWindowExA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
DeleteCriticalSection
TlsSetValue
lstrcpyA
Sleep

advapi32

RegQueryValueExA
RegQueryValueExA

oleaut32

SysFreeString
SafeArrayPtrOfIndex
GetErrorInfo

version

VerQueryValueA

gdi32

UnrealizeObject

shfolder

SHGetFolderPathA

ole32

CoUninitialize

comctl32

ImageList_SetIconSize

wininet

InternetReadFile

winmm

timeEndPeriod

Sections

.text
Size: 20KB - Virtual size: 508KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE