2a973d5baf75d19dc0a3924e60aad5c9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a973d5baf75d19dc0a3924e60aad5c9_JaffaCakes118
Size

2.8MB
MD5

2a973d5baf75d19dc0a3924e60aad5c9
SHA1

018531caabfa38660164a7bc729f87102728d70d
SHA256

f4bb4514a013cacbdd3a99cf7230230bb34e3196603b3cd710482a06363f6a3f
SHA512

bd8456b55b97da79be4eb3ffa10532cd7c74423f152bea3b88987e8164579e8f77576128b82a4d1315572cc7f4f11c900bf6928d5a7876ecb40ca281a76c9c5a
SSDEEP

49152:Nh2m6v/5O0BbfrBIyY0foqGN35I6d0B9kz5mEcGgYDtwBVcr759+p4/:NhFcO0RVIBcoqgI6dz5xdgYDtwBVcrdz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a973d5baf75d19dc0a3924e60aad5c9_JaffaCakes118

Files

2a973d5baf75d19dc0a3924e60aad5c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d57456d24e68f4890e0e08ab79dc2ae9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
CharToOemA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
CloseHandle

advapi32

AdjustTokenPrivileges

comctl32

ord17

comdlg32

CommDlgExtendedError

gdi32

DeleteObject

shell32

SHBrowseForFolderA

ole32

CLSIDFromString

Sections

.text
Size: 25KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE