026202c211f73dbee5e3838af3d670bc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

026202c211f73dbee5e3838af3d670bc_JaffaCakes118
Size

279KB
MD5

026202c211f73dbee5e3838af3d670bc
SHA1

6e57e4b6756fccd03c0ff8e15fedf3e8d0fed38a
SHA256

1c440a3e2cdd6d47328db14f63639831a4eb63b49150121cbec9038dff3c50b0
SHA512

1a5186cd842f6a9f25ffef1511893661bf1bd3bde108a8f281b2ec17077d967a45687d1a33f13a86e8bfc18e2a0d1c6fffba68ff1f2d92a987aa47630e5869d0
SSDEEP

6144:485OlHjzi20za08uwlayaOk2qn5da2517lKwiFpGvjMAXwnDBzVF5BQho7v:4qOlHj+20O08llayQX542517UdsjMpnZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
026202c211f73dbee5e3838af3d670bc_JaffaCakes118

Files

026202c211f73dbee5e3838af3d670bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d346e216b557a7aa248d983b53f54dbd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
SetFocus

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
lstrcmpiA

msvcrt

_CxxThrowException

advapi32

RegSetValueExA

ole32

CoCreateInstance

oleaut32

VariantClear

Sections

.text
Size: 19KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE