833a3c16c1743330beafd70c00c06526_JaffaCakes118 | Triage

Sharing

General

Target

833a3c16c1743330beafd70c00c06526_JaffaCakes118
Size

153KB
MD5

833a3c16c1743330beafd70c00c06526
SHA1

24ebab2e756d5efbe9d412fe299c4e7b0edcc455
SHA256

c3613fe24cc7c412818863ea0fc37e7db4b9281b2682c39b8603e95c48f7b37b
SHA512

dd9cde5a7f3a43647ff14b306e4caba24d2bf12054d05ecc0bb88156e755047a1c4c01851d2ee2b43bdb101ee1eebc9e0d72d7713fd50f4f641c4aed9ee2447c
SSDEEP

3072:tpOV50HsXe4SIhEwJWaNW5jHn0S1UdmuREluC0ku4xVoRtpL+5KkV:tp050MXt9Aeij0SuYupuVoRDL+5j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
833a3c16c1743330beafd70c00c06526_JaffaCakes118

Files

833a3c16c1743330beafd70c00c06526_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c2fe897ff9207ddcc74ee35f8b95f8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
FindWindowA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
AddAtomA

msvcrt

__getmainargs

urlmon

URLDownloadToFileA

Sections

.text
Size: 23KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE