47c300a126b741be1e084581058a5046_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47c300a126b741be1e084581058a5046_JaffaCakes118
Size

242KB
MD5

47c300a126b741be1e084581058a5046
SHA1

eb8f7e7af36f9eb8bbe6559fc890d3f107602357
SHA256

9f09c0ba9011554628ed593145187de11090e9401cf5662d8c11343ae8534944
SHA512

c01ddffab1e6927e18e85d98f453a60aa97a969ad91359db94e315112dd31554654f4374c798fac91c36891bdbdfd8d2663f9868090bb49d3eb7c0c8da3edc32
SSDEEP

6144:eIG9CZhIkT7Cnl1rnCjJJD+dAglk7Hf3EL+a:u9QT74+3D6APDvm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47c300a126b741be1e084581058a5046_JaffaCakes118

Files

47c300a126b741be1e084581058a5046_JaffaCakes118
.exe windows:4 windows x86 arch:x86

00530854604ae08578bab74fdbf365b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
Sleep

Sections

.text
Size: 19KB - Virtual size: 528KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE