707a42628630436d2f940a1b7d589574_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

707a42628630436d2f940a1b7d589574_JaffaCakes118
Size

422KB
MD5

707a42628630436d2f940a1b7d589574
SHA1

1784a59acc31ccd61a5749b3954f45a7cb97d082
SHA256

5e9e6a423bc5fb584f6fee9ee24ba14989b97ab0386a00a2b7770aa3284c712c
SHA512

6b23853c0e639bb5c8bb3e63dd6ca404cf29242347c4536b49c6e2cd922218e1697f31b1188f14ed42b8b8a02f5e087b0e403d124801e0af2c274ed8f4b95562
SSDEEP

12288:K5vFDNNIC0S5N6WjPH52yp9E6rEJdcWjPH52G:K5NI2Rz99zqzd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
707a42628630436d2f940a1b7d589574_JaffaCakes118

Files

707a42628630436d2f940a1b7d589574_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24af398c9f479b4e7f7fd941209becdd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetDC

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
LoadLibraryA

advapi32

RegFlushKey

comctl32

ImageList_Add

gdi32

SaveDC

oleaut32

VariantCopy

version

VerQueryValueA

Sections

.text
Size: 20KB - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE