8879f6cd4ba1de002c1e5f8f174c5ef0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8879f6cd4ba1de002c1e5f8f174c5ef0_JaffaCakes118
Size

150KB
MD5

8879f6cd4ba1de002c1e5f8f174c5ef0
SHA1

f752cf86921ac55f516c03619f2fc1bc9c99d4a0
SHA256

8702228a282f4e9e24d18e7c015d0b135087a33cd3e7b2b6e0ccd8221a6b1d0f
SHA512

3d6819a46519e203ab277ddaa5a14cc61d039572bcba4616cde1acab4ebd6cc5ee15ca86a63ea822c6723f499eb9618620545417ef0392b6f05d0fe37fa33da5
SSDEEP

3072:avg3/4v0ZBGRs26sY8W4ODa4VbxyMT+aO4M0taCRsAbG:+M4yk/6t4MFV4Mqz0LbG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8879f6cd4ba1de002c1e5f8f174c5ef0_JaffaCakes118

Files

8879f6cd4ba1de002c1e5f8f174c5ef0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c575aa918bac818b364b37306f370a66

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
DeleteCriticalSection
TlsSetValue
WinExec

advapi32

RegQueryValueExA

urlmon

URLDownloadToFileA

Sections

.text
Size: 19KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE