0b00c60fe1f0f833c8413b56242ba11f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b00c60fe1f0f833c8413b56242ba11f_JaffaCakes118
Size

367KB
MD5

0b00c60fe1f0f833c8413b56242ba11f
SHA1

091c128faa1512aba63a610913c8af1b57438150
SHA256

78c5e898a372c26e0cd13752be734ff493186a97e0fdaaf4421413e7b332bdc3
SHA512

e9e22de5124c528b02b921de6d8ccab5ca5daca30542739789779fe71798e958114c6c403edd8bc526b67f7e0a6cc14dfb5eb5c4824739e28bda2505b104702e
SSDEEP

6144:ymRBWYYP2mI51irQ9I51irQJGE4GDZF76dLv1xlh1pvifR:XzmrrurrFE4S3U15Lv8R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b00c60fe1f0f833c8413b56242ba11f_JaffaCakes118

Files

0b00c60fe1f0f833c8413b56242ba11f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a0510790593fa40fe7b8e042619ea2c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
CreateWindowExA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetACP
TlsSetValue
lstrcpyA
Sleep

oleaut32

SysFreeString
SafeArrayPtrOfIndex

advapi32

RegQueryValueExA
RegSetValueExA

gdi32

UnrealizeObject

version

VerQueryValueA

comctl32

_TrackMouseEvent

urlmon

URLDownloadToFileA

Sections

.text
Size: 205KB - Virtual size: 812KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE