3fd64c8b0ed815788dc2982af7e43234_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fd64c8b0ed815788dc2982af7e43234_JaffaCakes118
Size

488KB
MD5

3fd64c8b0ed815788dc2982af7e43234
SHA1

a60b58fb250532735ac7f5a363620e29aa2f258b
SHA256

a8de84851b8197f87db26c884fa3f8b07bb7b29d097189edb7e6ac9737bf45d1
SHA512

47c61a2902b311895c4db786f2738f32930e7fcf8e444b667f9be61506d3456c7675275052258b24bd16bafbc467c314e130cb24ce4825d3c6d47a159f0eca3e
SSDEEP

12288:lcbpHqVNt+CwoF+o/2DR2wSlr/omcsKYsArDN7FCE:lclqFaC+NSlr/KsC2r1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fd64c8b0ed815788dc2982af7e43234_JaffaCakes118

Files

3fd64c8b0ed815788dc2982af7e43234_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dced7be15023c2d6c8948e828ce35e00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
MessageBoxA
GetKeyboardType
CreateWindowExA
DdeCmpStringHandles

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetModuleFileNameA
DeleteCriticalSection
TlsSetValue
lstrcpyA
Sleep

advapi32

RegQueryValueExA
RegSetValueExA

oleaut32

SysFreeString
SafeArrayPtrOfIndex
CreateErrorInfo

mpr

WNetGetConnectionA

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

wininet

InternetGetConnectedState

Sections

.text
Size: 29KB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE