223e199541887817834aa922575c9bc0_JaffaCakes118 | Triage

Sharing

General

Target

223e199541887817834aa922575c9bc0_JaffaCakes118
Size

305KB
MD5

223e199541887817834aa922575c9bc0
SHA1

836845a3b4fd18c4f520e9fec18f421daf77b96c
SHA256

4772cea1874c35be783830e477351fe6d3bd580e6b83482068c52c559f5a505f
SHA512

a0ef062bc5a1e5d5d15ea5dd5831492405294b03efd4e2c483e634f7daa9e5525d77fc28d4f6d345263f9c4684ac7220c1b119f9333d89d2f5b4e13f1322b95d
SSDEEP

6144:9hgHdPkvWPDtJrrKDLfMLE51cHRjyeDyLOhrHhVH/:YdsvuDtJ3GLkfBr/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
223e199541887817834aa922575c9bc0_JaffaCakes118

Files

223e199541887817834aa922575c9bc0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58bc315907d66bd6874cde66e709755a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA

msvbvm60

_CIcos

Sections

.text
Size: 44KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE