6040cfcfb60aa5aecfe00e368a6572b8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6040cfcfb60aa5aecfe00e368a6572b8_JaffaCakes118
Size

116KB
MD5

6040cfcfb60aa5aecfe00e368a6572b8
SHA1

c6a05cf927022e32a8070550c1ee273e78c053b5
SHA256

32ca9b273e34ac2d7741b9c35c73363d1d9978cedbfb8333e610b66dc3068b83
SHA512

1bb11e6f084d69311af176514ed44bd1d9431874d5d9468beb4bbcbc63d0a889fe4cee0b1fd35970b9e32759483c10fcdbda1df43f34bf0dbf2cfd686f1f2f97
SSDEEP

1536:M8qaqSO6uCUg5RqQQQ7effu+c1rz8zYlCl1QPcvE3ojdOeKGhCGJwS5Gn:lVOKUg5Rleffu+6gw6UNgKGhC2w+Gn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6040cfcfb60aa5aecfe00e368a6572b8_JaffaCakes118

Files

6040cfcfb60aa5aecfe00e368a6572b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33e41d4289916751b73be0986575adf1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
CharNextA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
CloseHandle

advapi32

RegCloseKey

oleaut32

SafeArrayCreate

urlmon

URLDownloadToFileA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 58KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE