658592d309ab46b32b0eb6156a858a1e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

658592d309ab46b32b0eb6156a858a1e_JaffaCakes118
Size

20KB
MD5

658592d309ab46b32b0eb6156a858a1e
SHA1

09116650159d1d87cac98f18a96a19917bc6d72f
SHA256

e0d52d1f7654d5d05c851816f815a8d77d70b3bea244d6a2489e5e17d084bd6c
SHA512

e60032f7cffd1a78452ee657ea3f4e8e8972c07b4a0ab7df66ab7c64bf457b7f38f7abca622ea26fa715a3b997e25ad394207f922b83e4eb458c2a9f277118f5
SSDEEP

384:2G8zLA8vmliyfC8krqLsKkg4fhKDzT9S2chPwR80X9IV+Tq6SOsffawxYM5:uwXK8MqLFkxhg4lhPTVvbnH5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
658592d309ab46b32b0eb6156a858a1e_JaffaCakes118

Files

658592d309ab46b32b0eb6156a858a1e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cde2ad1ae91ac65e77cddcdb9705eee2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
SetWindowPos

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
HeapAlloc

wsock32

__WSAFDIsSet

version

VerQueryValueW

winmm

timeGetTime

comctl32

ImageList_Remove

mpr

WNetCancelConnection2W

wininet

InternetReadFile

psapi

EnumProcesses

userenv

CreateEnvironmentBlock

gdi32

DeleteObject

comdlg32

GetSaveFileNameW

advapi32

RegEnumValueW

shell32

DragQueryPoint

ole32

OleSetMenuDescriptor

oleaut32

SafeArrayAllocData

Sections

.text
Size: 19KB - Virtual size: 720KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE