963051d458a1cd85479ab5f989ea0f73_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

963051d458a1cd85479ab5f989ea0f73_JaffaCakes118
Size

153KB
MD5

963051d458a1cd85479ab5f989ea0f73
SHA1

f49674ff9bd25a54d13c66d4fa4a12c150944660
SHA256

c21fc6a5b31be89cd0aab9909745783652d431446979c40e6fdfac0fe53def87
SHA512

7febcedc527cc7aaa0576a2f9e5f1ba404f3b3b5cb3ebe8699065133e415def906329fc5e8cc8e92729a4f0f19e2f5b64680f400b40f8729ccaee89d8d3cec39
SSDEEP

3072:aiEDCSZsH78rPCrc2e3wU5vg/n4oUgPpYs7SmQNHQtgSHlcQlITnls:HXSZsHaPCrc2MwUMUgPVzQVQtzH6AMnS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
963051d458a1cd85479ab5f989ea0f73_JaffaCakes118

Files

963051d458a1cd85479ab5f989ea0f73_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c2fe897ff9207ddcc74ee35f8b95f8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
FindWindowA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
AddAtomA

msvcrt

__getmainargs

urlmon

URLDownloadToFileA

Sections

.text
Size: 23KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE