604d80bda3da5e9c8906dcde99875f9f_JaffaCakes118 | Triage

Sharing

General

Target

604d80bda3da5e9c8906dcde99875f9f_JaffaCakes118
Size

44.1MB
MD5

604d80bda3da5e9c8906dcde99875f9f
SHA1

f5ce7d5b33309869c34d2facce05516b8dd632fd
SHA256

4eff121cb50ce58dd2144a4192cca1a184abf47835b9e592d0a9880477d34323
SHA512

31f3c59c5608a63816369ca1dff5e895bb310ba78c4a5c213746a2391ee853f75f941400ab1d48ec0736a797f4c2fa8717807320727d4d94e6d169d0d3fe81c6
SSDEEP

786432:BfsG/P9N6457IhV8poDQxooIvC7gGZc5QglzORJrWTnhQnqfWRholz5Qu0WlL+uu:BfT8he6yop6EPQgl6R0ThoqKolz5Qu0R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/trailer.exe

Files

604d80bda3da5e9c8906dcde99875f9f_JaffaCakes118
.zip
GH3D.txt
GamersHell.url
trailer.exe
.exe windows:4 windows x86 arch:x86

1dbcf2c6cdfb8812f5650277b7998cf3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetDC

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
LoadLibraryA

advapi32

FreeSid

comctl32

ImageList_Add

comdlg32

PrintDlgA

gdi32

SaveDC

ole32

OleRun

oleaut32

VarNot

shell32

DragFinish

urlmon

HlinkNavigateString

version

VerQueryValueA

wininet

InternetOpenA

winmm

joyGetPos

winspool.drv

OpenPrinterA

wsock32

send

Sections

.text
Size: 39KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE