62d9a4681762c0baac1b23b23e276532_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62d9a4681762c0baac1b23b23e276532_JaffaCakes118
Size

119KB
MD5

62d9a4681762c0baac1b23b23e276532
SHA1

b5f5386b9adf5063725ed3f3a89abdae93d31372
SHA256

0b25183f289dfc4ebcdad6c846e07d3f7fe028cc44f0aba075b1171251ea9423
SHA512

e317951887004c4e441ed8639b1f62b9f83b60e8210352614d783fbb38d3b14976a05af0a1bd4c91ac960fb9e535409aada930e6aa571bb3dd79c3656c72b500
SSDEEP

3072:0Gv306lE1nQtI4xO3xdMYZfqT3xAOQHm/ie+t9c/:lDW10ds3HpUhAfZDt9c/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62d9a4681762c0baac1b23b23e276532_JaffaCakes118

Files

62d9a4681762c0baac1b23b23e276532_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9b1367cd8ec5bc368703bd039296e4ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetDC

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
LoadLibraryA

advapi32

RegCloseKey

comctl32

ImageList_Add

gdi32

SaveDC

ole32

CoInitialize

oleaut32

VariantCopy

shfolder

SHGetFolderPathA

version

VerQueryValueA

wininet

InternetOpenA

winmm

timeEndPeriod

Sections

.text
Size: 19KB - Virtual size: 528KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE