65d0828691e17302d27ccb7790d7864e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65d0828691e17302d27ccb7790d7864e_JaffaCakes118
Size

153KB
MD5

65d0828691e17302d27ccb7790d7864e
SHA1

cc93d8150e1d8c2f3925b45ea59760976088202f
SHA256

aa1a1161cf2d930a6e2eedeab0f5e92ef11bdb21d1328978571f893d1c3e4dea
SHA512

af671b8f5a9fe1a41d56135fd28209090843a68383dc9ab62ae1f660fb6492b611c91b1598dde538d2ef8ac35a00b61c51919221b79f2ce823fb3114fcd8b25f
SSDEEP

3072:C1v++irZFaehCJUQ8xqpQk0V6Wn8tSP7ndpmiUFzOIYdbqS55:p+iVlhCJExqpQZQW8kLLKOIS/55

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65d0828691e17302d27ccb7790d7864e_JaffaCakes118

Files

65d0828691e17302d27ccb7790d7864e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c2fe897ff9207ddcc74ee35f8b95f8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
FindWindowA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
AddAtomA

msvcrt

__getmainargs

urlmon

URLDownloadToFileA

Sections

.text
Size: 23KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE