6332c3a4970a51a46ea34ff7b2855bba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6332c3a4970a51a46ea34ff7b2855bba_JaffaCakes118
Size

331KB
MD5

6332c3a4970a51a46ea34ff7b2855bba
SHA1

d9d111e24084239ad17b1dcf87cbb1053360f050
SHA256

1b53377ee133e2d59ea0618334ea203c49f523c277ad8a3caf8c73dfbedd7613
SHA512

3b536d9f58f810a2017ce101e03e5942538147161f5b4af73cb9e680dd904b59d70b9b9d1e7e1585c8233fd616683c3622b402aca77a0ac86a4dd97be69eaaf4
SSDEEP

6144:BECTx3KYiELak+Bihlja8Hslcm0exADi/I2Wnus39HfitY:5N3BDLeg/28MBCDwBTU9/V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6332c3a4970a51a46ea34ff7b2855bba_JaffaCakes118

Files

6332c3a4970a51a46ea34ff7b2855bba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96930e0057415b04665a07ea828e200f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
PeekMessageA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetACP
TlsSetValue
WriteFile
Sleep

oleaut32

SysFreeString
SafeArrayPtrOfIndex

advapi32

RegQueryValueExA
RegQueryValueExA

Sections

.text
Size: 19KB - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE