4db0cf5966c0f28e89ea65b820e33ed9_JaffaCakes118 | Triage

Sharing

General

Target

4db0cf5966c0f28e89ea65b820e33ed9_JaffaCakes118
Size

301KB
MD5

4db0cf5966c0f28e89ea65b820e33ed9
SHA1

5d21da862233c0a37b73a2847c54c1ca871fd54d
SHA256

30ccecd2b6946f81e087cc61bad604117e87dcebc2e96db2124826b88c471489
SHA512

d624b8be8031c369a069d393cf0b32cdeb01d5dc3f9256751542bc596888afddb5b4125ed1cafb20524d5289f6892300ce34550358e85d285997c0759a338579
SSDEEP

6144:4RG/Xml+Le3uOqDICADyMAA8ALrGeMRCVLgAf/VOQQFo31DENSxvG09:4Rfl/3upNADmA7MjaQSlDV9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4db0cf5966c0f28e89ea65b820e33ed9_JaffaCakes118

Files

4db0cf5966c0f28e89ea65b820e33ed9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58bc315907d66bd6874cde66e709755a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA

msvbvm60

_CIcos

Sections

.text
Size: 44KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE