29adeecbc84641992faf467910650807_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29adeecbc84641992faf467910650807_JaffaCakes118
Size

1.5MB
MD5

29adeecbc84641992faf467910650807
SHA1

f07f18c76082a096abc94bddbb6a92f58aaf2cc5
SHA256

6eccdcb4f2816e16e4ef96dd054d33e3ceb1b11115c86e4d2fba8b794d06ccf8
SHA512

ac8111b63ea45d26506dc0c133e65cc0d0e44f27819b65492bdb8b3d4744d8130f3d52609e9112e8704e572a7bf383f50193567ad27b3c7a20f3db9588178ed3
SSDEEP

49152:KC0KOEsJe28rawwJGgfnudGkhRs3obvya5c2BIN:KC0KOZJe28rawwJGgfnudGkhRs4D5cuW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29adeecbc84641992faf467910650807_JaffaCakes118

Files

29adeecbc84641992faf467910650807_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c220ea1a5fb5b72f2afe6feeb2803d5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
LoadLibraryA

Sections

.text
Size: 47KB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE