4232f4be2ba4fd046fb95e0990ed6b5c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4232f4be2ba4fd046fb95e0990ed6b5c_JaffaCakes118
Size

454KB
MD5

4232f4be2ba4fd046fb95e0990ed6b5c
SHA1

f864cad665977eb743afc27808f20e8c2fd19941
SHA256

97d2df5896611491ddc9a68897769842c55466e646083f85cb0b8231b7a1d756
SHA512

fd7b787cbf52ffcd1ab1cb86f76923afd833b4da90c14b6bff924233a6166a5723f651708fed97df4a04ba0f01b28b717c0d187d532c92e10fb946bc68e4e7d7
SSDEEP

12288:GarPtO8t7aswjcDKCxmqMhJtJ5z//3qmzcx1BI2qe8D:lOYp8cGvhJ35z/ymzcxjtqzD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4232f4be2ba4fd046fb95e0990ed6b5c_JaffaCakes118

Files

4232f4be2ba4fd046fb95e0990ed6b5c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7d30f96be57b583738371b5f6f985d33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
SetCursor

kernel32

GetModuleHandleA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetModuleFileNameA
LeaveCriticalSection

ws2_32

connect

wininet

InternetCloseHandle

msvcrt

_controlfp

msvcp60

?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z

msvcirt

?get@istream@@IAEAAV1@PADHH@Z

mfc42

ord2546

gdi32

GetStockObject

advapi32

RegCloseKey

shell32

SHAppBarMessage

comctl32

ImageList_GetImageInfo

Sections

.text
Size: 14KB - Virtual size: 820KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE