785ea265e4b87d2be371df89de75df2e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

785ea265e4b87d2be371df89de75df2e_JaffaCakes118
Size

1.2MB
MD5

785ea265e4b87d2be371df89de75df2e
SHA1

4909649c2e68f9c4f428ddb5fb7eac578e287882
SHA256

63b190439fb1eee3e7c3fd25cdd90e96f753d13b2b4c472b05a20de99b5dcba5
SHA512

a9df468ce7a3b2e82a0f518a76b24137292a4368f88467904b0200876c110ed51616bdc0b74bb034dd482d269b523654bfbd987f0a901e04317a789cbca80b96
SSDEEP

24576:TkDsEsn8dR6DK4GI2O2Yt4chwMhmhp8RkocKhyebvzgExW3tnGvn:TUsn8dd9OTt4cWMhmAkoczWvhiGvn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
785ea265e4b87d2be371df89de75df2e_JaffaCakes118

Files

785ea265e4b87d2be371df89de75df2e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e38b379a3c14da73f75974f487bde498

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
AddAtomA

advapi32

RegOpenKeyA

msvcrt

__getmainargs
_fstat

Sections

.text
Size: 19KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE