Static task
static1
Behavioral task
behavioral1
Sample
0e31b0468d8f7d438ea0c333bc70e109_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
0e31b0468d8f7d438ea0c333bc70e109_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
Target
0e31b0468d8f7d438ea0c333bc70e109_JaffaCakes118
Size
644KB
MD5
0e31b0468d8f7d438ea0c333bc70e109
SHA1
9e04df573d539e4ee0e8874d4b121d40a44380ca
SHA256
7f4b48dd53bb6ae9e85f04535b3d876cf1464766b44f67ab67292c7991e4eba1
SHA512
05221fc5b44353e5c9a0d1953a92d828ca17a472e7611abb5e118dd746c1a66fd71f454f0b6a87da6253029a5c362f21e37b98781605242723e341df8c157979
SSDEEP
12288:RoRphb/JNkfE0SzxA1qrufzoeGpdVAGwQqaHPayu1vFkV4d2SwzGpWtrT:RgrMfTiKEeY/AG7Lviszr1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0e31b0468d8f7d438ea0c333bc70e109_JaffaCakes118
Files
0e31b0468d8f7d438ea0c333bc70e109_JaffaCakes118.exe windows:4 windows x86 arch:x86
d2f6814e3c7a98947c738805f85fe278
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32: MessageBoxA, GetKeyboardType, CreateWindowExA
kernel32: GetModuleFileNameA, GetEnvironmentVariableA, ExitProcess, FormatMessageA, GetLastError, SetLastError, GetProcAddress, VirtualProtect, LoadLibraryA, GetModuleHandleA, MultiByteToWideChar, GetModuleFileNameW, GetVersionExA, VirtualFree, VirtualAlloc, GlobalAlloc, SetFilePointer, ReadFile, CreateFileA, GetACP, TlsSetValue, lstrlenW, Sleep
oleaut32: SysFreeString, GetErrorInfo, SafeArrayPtrOfIndex
advapi32: RegQueryValueExA, RegSetValueExA
msimg32: GradientFill
gdi32: UnrealizeObject
version: VerQueryValueA
ole32: CreateStreamOnHGlobal, IsEqualGUID
comctl32: _TrackMouseEvent
urlmon: CoInternetCreateZoneManager
wininet: InternetSetOptionA
shell32: ExtractIconA
Sections
.text Size: 23KB - Virtual size: 15.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE