84f480d0d2cbffe94be2f15158fdc557_JaffaCakes118 | Triage

Sharing

General

Target

84f480d0d2cbffe94be2f15158fdc557_JaffaCakes118
Size

1.4MB
MD5

84f480d0d2cbffe94be2f15158fdc557
SHA1

8126b12779d2ae316075112485f719df74fa7b5a
SHA256

1bd9c69e62095880c7416d183ea26f4d90abe8864c2a6e8db3f879895c0202cf
SHA512

192bab12b4f9c0486ae5237b3c5a72a0a2e049cedeb20a6a6c3bfde7321bd91850c27b9da5385a0c87a7aabc81ccc8eba9f2d0a61f61a951d638b35991b27a70
SSDEEP

24576:QGCCOWNOQancuBRwsn6c6Z7ZEF7FD1kHaTp82SjR53rWzQ2YL+:DCCqznjBOhc6NZEpFDC6dRSjvWzQ2/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84f480d0d2cbffe94be2f15158fdc557_JaffaCakes118

Files

84f480d0d2cbffe94be2f15158fdc557_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f1ff4963d244d14a6905aa679dd25b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetModuleHandleA

msvcr70

__p__fmode

advapi32

RegQueryValueA

Sections

.text
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE