3d5398f76ed5d6fdb586ca49d775e81c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d5398f76ed5d6fdb586ca49d775e81c_JaffaCakes118
Size

169KB
MD5

3d5398f76ed5d6fdb586ca49d775e81c
SHA1

7e6f8b27f98f78dc59f1ceb92031ed3b51f09763
SHA256

682e6cd8b99f570a48577888f44531559b8210722de9f3d1927880806af16c0b
SHA512

ed092c611ab84e2dc2e17c66e9db3f0dd624ac6505aa324b95850c748e391211b3913b08ded969f7b238dfeea16071f4e2351133f19d6e8f4df846dec723d27e
SSDEEP

3072:+u/6AmO85phxMdKxiRq1CwgmdxplpT4iotkstMtmk+1SvFTPYu:+YiRcoF1EsZotxEmk+1SvFbb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d5398f76ed5d6fdb586ca49d775e81c_JaffaCakes118

Files

3d5398f76ed5d6fdb586ca49d775e81c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0dfa28acf6845608382b3189782224af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetProcAddress

Sections

.text
Size: 19KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE