640b945ce2c7b2a5e6d92fb0f8158e07_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

640b945ce2c7b2a5e6d92fb0f8158e07_JaffaCakes118
Size

186KB
MD5

640b945ce2c7b2a5e6d92fb0f8158e07
SHA1

120c5ddb6c2c8a24ad5ca00a048ed1c463936719
SHA256

75be2867dd7a639ffd6e1017b4fcc2241d3540cc479d810e1743aaf5783c77ab
SHA512

cf3592499a7672b73107b28b4d55356af6b91dbff5882e9874349b0e1bbda02804b10cb8d4c723112c41db034a1a282965036ef7504b44bb830f17644a89b751
SSDEEP

3072:bpDRB5A4fhaUcwn6TuK9ncLzQBFBPefjXPHLM0xFffygS/3Q1rvLB0q:bfB59fkUuTqzKvWDLMBgAez

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
640b945ce2c7b2a5e6d92fb0f8158e07_JaffaCakes118

Files

640b945ce2c7b2a5e6d92fb0f8158e07_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e66568eb42d5389dd23767bcde090a1d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
ShowWindow

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
LoadLibraryA

msvcrt

_iob

urlmon

URLDownloadToFileA

Sections

.text
Size: 44KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE