38d08e1238217e58ea737251d5ecf489_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38d08e1238217e58ea737251d5ecf489_JaffaCakes118
Size

72KB
MD5

38d08e1238217e58ea737251d5ecf489
SHA1

cc54a47befea323c4ec791573878d1097cc1c1b2
SHA256

0a1bdbab1361a0356887a65deb7f4d2cd80798f0d9413bd8d4472367b3857edb
SHA512

b669d9244948183e401fe03876a00e9ff88e993df0a0258c410ca5c4b44af41d67277096585f9a5fd3b8a9ce5ca6de531c2a241d7dc146833d22e01142a463dc
SSDEEP

768:j6SGhBnngQbhbfK65ml1dfSSr8q9Hhwi9E+gbMcdVYzDzDp2Ot8+NXeto5Dnsg:+S6/Jkl1dflr8qVhw93L08+NVbsg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38d08e1238217e58ea737251d5ecf489_JaffaCakes118

Files

38d08e1238217e58ea737251d5ecf489_JaffaCakes118
.exe windows:4 windows x86 arch:x86

00c40f0ae41d3ddd14f58330320cc00a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
CheckMenuItem

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
ReadFile

comdlg32

GetOpenFileNameW

advapi32

RegSetValueExW

comctl32

InitCommonControlsEx

gdi32

CreateSolidBrush

shell32

ShellExecuteW

Sections

.text
Size: 72KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE