8a1f320967ea3575a8057fcfdf53120e_JaffaCakes118 | Triage

Sharing

General

Target

8a1f320967ea3575a8057fcfdf53120e_JaffaCakes118
Size

20KB
MD5

8a1f320967ea3575a8057fcfdf53120e
SHA1

2822987fac9db90e12a2c7d28833b44dc3da38d8
SHA256

24e4624bc4a4bdc7e05271ec9c793fd883440b2d329f535ae4f4692978dc2fc0
SHA512

bef550927bedff362bea834c784e6d7a156c14470bc736f15cedb6ac62aa48402835036e8245172d5ed56357aa3ccdb8065cc7f9d15579cdab17f378f18395c5
SSDEEP

384:s7FQ/0ZzJNUiYtMncMBNVbVf4r5ibSYY+F:s7FXe/tMc2bVs5ibR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a1f320967ea3575a8057fcfdf53120e_JaffaCakes118

Files

8a1f320967ea3575a8057fcfdf53120e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a790c01b0892b5f4165268ed27095e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
CloseHandle
WriteFile
CreateFileW
GlobalAlloc
Sleep
GetTickCount
ReadFile
GetFileSize
WinExec
GetFileAttributesW
GetLastError
CreateMutexW
GetStartupInfoA
GetModuleHandleA

user32

SendMessageW
wsprintfW
PostMessageW
FindWindowExW
ShowWindow
FindWindowW
MessageBoxW

shell32

ShellExecuteW

iphlpapi

GetAdaptersInfo

ws2_32

inet_addr

wininet

InternetReadFile
InternetCloseHandle
InternetOpenW
InternetOpenUrlW

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
setlocale
exit
wcscmp
memset
wcscat
mbstowcs
strlen
memcpy
??2@YAPAXI@Z
??3@YAXPAX@Z
wcslen
wcscpy
wcsstr
printf
wcsncat
wcsncpy
_wcslwr

Sections

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE