5adaed53170acb8a45a2bccc74e19772_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5adaed53170acb8a45a2bccc74e19772_JaffaCakes118
Size

586KB
MD5

5adaed53170acb8a45a2bccc74e19772
SHA1

f8972a651d568ef5f933a117d046791b241681db
SHA256

58118fe9622cb8cbd7802e35feee5a806ea6cf1608689204294c1425cc9e0be7
SHA512

47270ac5a8f2212ac60c76baf79b959060bad3e864ba27e237688be09b5f57e24223e76e5a4c6d8a3f82774852b417e598234f6a581ae38579cee6d2e7688362
SSDEEP

6144:w+ZHbXnCchdYLRPTGQxLPsfiCHl+CAzuABgKQF6nA0lTf6vl3yquzVjiM1QLLM61:/ZH7H7iao1fgUf+FuZC5VUXCGoDk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5adaed53170acb8a45a2bccc74e19772_JaffaCakes118

Files

5adaed53170acb8a45a2bccc74e19772_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b91e12415e382b052cfe6f66a498b63d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
OffsetRect

kernel32

GetModuleHandleA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetModuleFileNameA
TlsAlloc

ws2_32

send

wininet

InternetCloseHandle

msvcrt

_controlfp

msvcp60

?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z

msvcirt

?get@istream@@IAEAAV1@PADHH@Z

mfc42

ord1576

gdi32

CreateSolidBrush

advapi32

RegCloseKey

shell32

ShellExecuteExA

comctl32

_TrackMouseEvent

ole32

ReleaseStgMedium

oleaut32

VariantClear

shlwapi

SHDeleteKeyA

Sections

.text
Size: 23KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE