835c49fcf7a1d58d20378b5f2f0e837e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

835c49fcf7a1d58d20378b5f2f0e837e_JaffaCakes118
Size

130KB
MD5

835c49fcf7a1d58d20378b5f2f0e837e
SHA1

46067f9b16c149c0556b9f88908f0b5a9f6f481e
SHA256

c1c9c94cf82b96109c4d044dd421bc113f2b410b2f2ffa63dc6974da2e358bd5
SHA512

29e8b9dd500227f52ced7641d51e006370a547db98ba1e2caaf37793e3ef65e129c443402a8a8c230a68f7f49693a2444f9f3a2b39c4d93b2cd15d48e9557baf
SSDEEP

3072:oy8Q/wtF5kaTzXfG/maOvIHIk9HzxEJnNP:oQ/wtFf/na7EJR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
835c49fcf7a1d58d20378b5f2f0e837e_JaffaCakes118

Files

835c49fcf7a1d58d20378b5f2f0e837e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a173c02cb7e8493941bb2b00804cabe2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
DeleteCriticalSection
TlsSetValue
WritePrivateProfileStringA
Sleep

advapi32

RegQueryValueExA

oleaut32

SysFreeString
SafeArrayPtrOfIndex

urlmon

HlinkNavigateString

Sections

.text
Size: 22KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE