456d14c80200631c8b1d13132d7e9590_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

456d14c80200631c8b1d13132d7e9590_JaffaCakes118
Size

28KB
MD5

456d14c80200631c8b1d13132d7e9590
SHA1

1a1d92646a644fb18d7bff28f127b99f083d81ea
SHA256

c8e055ef78d602e862f1239a57d5db5e43aae630c0eee11f472ed36034820075
SHA512

575d3f7ca6f6a7318c333d431cfa4c16470f4eb3bf05e4da47c8ed3274d119ab25b7219e9648e3b498c2b39d9ca745ef333c05341d32215d6ef56bbef006fb24
SSDEEP

192:GBW+eVNxM/tDbWeeArbcihsgjshHDAamXf84xJ:GDVDbWeVrwgsgjshHDAamXf84H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
456d14c80200631c8b1d13132d7e9590_JaffaCakes118

Files

456d14c80200631c8b1d13132d7e9590_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0957287b16f4d58ba4d8c06063bbd080

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetModuleHandleW
Sleep
GetLastError
MoveFileW
GetSystemTimeAsFileTime
DeleteFileW
lstrcpyW
lstrlenW
GetEnvironmentVariableW
lstrcmpA
lstrlenA
VirtualAlloc
CloseHandle
MapViewOfFile
CreateFileMappingW
VirtualFree
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
HeapFree
FreeLibrary
HeapAlloc
GetProcessHeap
LoadLibraryW
MapViewOfFileEx
UnmapViewOfFile
ReadFile
SetFilePointer
ExitProcess
FormatMessageA
SetEnvironmentVariableW
GetFileSize
CreateFileW
WideCharToMultiByte
lstrcpynW

user32

MessageBoxA
wsprintfW

Sections

.text
Size: 24KB - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE