7333950815349684ae757f20b90608d4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7333950815349684ae757f20b90608d4_JaffaCakes118
Size

63KB
MD5

7333950815349684ae757f20b90608d4
SHA1

0a7fa5d512d9d6455586a7e3db6f5df80ca5fa5f
SHA256

d1020177442e042a4eccb80327fb5222364e9c169603c378421f16346cfbbc8f
SHA512

4bd75c04571ef83cb82c46aca58981aba48b63dc55c0d8cb378576faee16784b368cd0fee51a78bd70aaa7aa0413e73400185959410c96c9549aff1da58c1640
SSDEEP

1536:vw3SGNjnjHFpJjoi1BwKMTRc7AdI95j9w5:P87FLjbBw7Ta9w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7333950815349684ae757f20b90608d4_JaffaCakes118

Files

7333950815349684ae757f20b90608d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21784ef85ebe7fe83ccf16222302dca3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FormatMessageA
GetLastError
SetLastError
VirtualAlloc
CloseHandle
MapViewOfFile
CreateFileMappingA
VirtualFree
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameA
GetModuleFileNameW
GetVersionExA
VirtualQuery
SetFilePointer
ReadFile
CreateFileA
UnmapViewOfFile
WideCharToMultiByte
OpenFileMappingA
GetCurrentProcessId
CloseHandle

user32

MessageBoxA

shell32

ShellExecuteA

Sections

.text
Size: 16KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE