3f16fe13614f197fe049a8a11b8ec34a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f16fe13614f197fe049a8a11b8ec34a_JaffaCakes118
Size

34KB
MD5

3f16fe13614f197fe049a8a11b8ec34a
SHA1

8e728e9e46c31d8d9f9a3a48d4e84f09d2225f33
SHA256

441323a6ddc56466934a2b74e9dc089503c82f1bfbafa012bc069e1935447ba6
SHA512

11fbf0a3b2c17143df1a1f227a246fad90a3ec51a207e11f273137ecb40f71d4e1327dea8b025a7283e11c7ef626de246838b55ce4b43d87869b80735bd8391d
SSDEEP

768:K/2HhjmhG09GEDdilbi5iFYCwLvNi0xJcAAmJ4w6N:KuHwhdmbTuNkC4X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f16fe13614f197fe049a8a11b8ec34a_JaffaCakes118

Files

3f16fe13614f197fe049a8a11b8ec34a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33e41d4289916751b73be0986575adf1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
CharNextA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
CloseHandle

advapi32

RegCloseKey

oleaut32

SafeArrayCreate

urlmon

URLDownloadToFileA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 22KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE