741fb06a565b1a472a2f77742b5e1f9d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

741fb06a565b1a472a2f77742b5e1f9d_JaffaCakes118
Size

80KB
MD5

741fb06a565b1a472a2f77742b5e1f9d
SHA1

8b8f0be878b894f6ae84a786afc38bd2a115b261
SHA256

8106ce5f1902ce7f93d63e6f04e6fb38ab91f1462f5f6aafc6fe32725a64364f
SHA512

248f05d5ccf918e0e76b9961ff8f755dcd51fa51c4dcb814a34d6697cd00a04df086ec7b0d7232f0995d9c08ac45e2f27199bb55d4002f810bad2f11afc9e85a
SSDEEP

1536:M8qaqSO6uCUg5RqQQQ7effu+c1rz8zYlCl1QPcw:lVOKUg5Rleffu+6gw6Uv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
741fb06a565b1a472a2f77742b5e1f9d_JaffaCakes118

Files

741fb06a565b1a472a2f77742b5e1f9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33e41d4289916751b73be0986575adf1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
CharNextA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
CloseHandle

advapi32

RegCloseKey

oleaut32

SafeArrayCreate

urlmon

URLDownloadToFileA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 58KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE