397853d81c22814377944936ffd7a7fa_JaffaCakes118 | Triage

Sharing

General

Target

397853d81c22814377944936ffd7a7fa_JaffaCakes118
Size

153KB
MD5

397853d81c22814377944936ffd7a7fa
SHA1

4682dc892a32fc036c21f556e046847512034382
SHA256

4ae1563e3b8f7be1d150a8c0b9acbfe601ea50d38453418ea305d9ed355e8669
SHA512

9aeb773d3548d873d78a5946a19745384537b51e39c47e87fdf7b208bace3ec58cae65c6c5d756672d501215dc0fd1d1ecc8494ef54fcc9b03ba70684f6f8854
SSDEEP

3072:fs9BrTovgVkFnXmn6NUIW4uUKgDt2kM6nw6xp0zR7DKBLkKNd:MrTfn6NUcuUzr5WZ2LkKNd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
397853d81c22814377944936ffd7a7fa_JaffaCakes118

Files

397853d81c22814377944936ffd7a7fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c2fe897ff9207ddcc74ee35f8b95f8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
FindWindowA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
AddAtomA

msvcrt

__getmainargs

urlmon

URLDownloadToFileA

Sections

.text
Size: 23KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE