0f857892b8a50ab7b8e01e8acaa4c77b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f857892b8a50ab7b8e01e8acaa4c77b_JaffaCakes118
Size

8KB
MD5

0f857892b8a50ab7b8e01e8acaa4c77b
SHA1

7bc2c75b6f5ecb5abc9245bff61213b1b73188a0
SHA256

d0b3a1f5e2b00a5aeb101d0337b303117e9554366cdccf45b89c5f8209298136
SHA512

32b5d59bc5a4020dd661e6ed4a99a96c62d264dc9f7d2414c1c49adff44adb8b0d32931ddcc988b9daf140865d271108f728489fcd4d607d06b193e155080110
SSDEEP

96:X6Qu9Y1fjLFOjviacgyw8bH5ToUsQj83W0Z/IW6n/ZwxY2655qyol7/:Xy9qjATiaPyN2fVIXnxwxYb507

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f857892b8a50ab7b8e01e8acaa4c77b_JaffaCakes118

Files

0f857892b8a50ab7b8e01e8acaa4c77b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2bed3b575b122ce7042753fe75b3b7d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FormatMessageA
GetLastError
SetLastError
VirtualAlloc
CloseHandle
MapViewOfFile
CreateFileMappingA
VirtualFree
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA
GetModuleFileNameW
SetEnvironmentVariableW
SetEnvironmentVariableA
WideCharToMultiByte
UnmapViewOfFile
lstrcpynW
GetFullPathNameW
GetFullPathNameA
HeapAlloc
GetProcessHeap
GetFileSize
ReadFile
SetFilePointer
CreateFileW
GetEnvironmentVariableW
CreateFileA
GetEnvironmentVariableA
GetVersion

user32

MessageBoxA

Sections

.text
Size: 8KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE