41493d0e16721e46ec4fd706838f7af9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41493d0e16721e46ec4fd706838f7af9_JaffaCakes118
Size

164KB
MD5

41493d0e16721e46ec4fd706838f7af9
SHA1

8ac7a710c8f8e05f02079d2826be94e5b2dba49f
SHA256

4314ab79aedc1147b5d781c293ce91459e4410544bd90771d28fd28d09c85250
SHA512

6b4291e550c08768203fda561826f5cdde65e4770d953a179f3d27347b3288c582800b28db5c88b510e01b043d6fa32fabc26a7c6b173732d517428023e4fc89
SSDEEP

3072:E4JO4h5UEbx7ABc+urPSV2DiYHhs3PBRZS/LfZkeX/v+lz/ooS4ij:rJ5fUJBc+uj9TBkenxoKj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41493d0e16721e46ec4fd706838f7af9_JaffaCakes118

Files

41493d0e16721e46ec4fd706838f7af9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99192e22414fae97de7f93bcf61aef1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA

msvbvm60

EVENT_SINK_GetIDsOfNames

Sections

.text
Size: 23KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE