1851a2cbbc8cf78f16687e9a4eeb2b3f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1851a2cbbc8cf78f16687e9a4eeb2b3f_JaffaCakes118
Size

227KB
MD5

1851a2cbbc8cf78f16687e9a4eeb2b3f
SHA1

d9f93068263cc571432eb2425f107f3265aa3004
SHA256

906ac00341bfc1ed6331dbf60c8f8289f69318f169021b6f15b9943f731f680d
SHA512

2429988daeebedfe2941792e5e03040d6e918444493f21d91730ec6002417f2fadd5bec12f1d05e7401f49d835789e3f558b0753bb60cf40a05c9f94b129b501
SSDEEP

6144:UeV2pdbV+uNRuSbamRbSEHGmknjJj/gsnNJ8W/EGu:UFguPRuqGmkZV8YPu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1851a2cbbc8cf78f16687e9a4eeb2b3f_JaffaCakes118

Files

1851a2cbbc8cf78f16687e9a4eeb2b3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

369d2b9d33396cf828e7e5fc8d7e3aa0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

LoadLibraryA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
VirtualAlloc
CloseHandle
MapViewOfFile
CreateFileMappingA
VirtualFree
GetProcAddress
VirtualProtect
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameA
GetModuleFileNameW
GetVersionExA
UnmapViewOfFile
VirtualQuery
SetFilePointer
ReadFile
CreateFileA

Sections

.text
Size: 14KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE