9667a114a638c5fc74cedbf0bd7ac9e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9667a114a638c5fc74cedbf0bd7ac9e4_JaffaCakes118
Size

365KB
MD5

9667a114a638c5fc74cedbf0bd7ac9e4
SHA1

60dcba67735ae06dd4f6446f14633ab96e4330e4
SHA256

0249afb4db84b06f8ec59d96ee354074ea7d44be3b7caf6ad4b348288bbfe9b3
SHA512

f553c0f4e217609a002d329c10b05a779bfc4d1910a66d6294c450bd88cebd20772cd0adfe81e65639c1c72cfbe4af652ab52ea3e90bdaf561585cbfb20cec25
SSDEEP

6144:vwpHl15rja0DNHjLlzD+0nFN1MyHt0CUEJmht009tl5THZGrgo6uTIqTv:vwpFPrjNpVX++FN19X3shzrQZ7IqD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9667a114a638c5fc74cedbf0bd7ac9e4_JaffaCakes118

Files

9667a114a638c5fc74cedbf0bd7ac9e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c98e1663af55a856c87a7768676501ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
LoadLibraryA

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

IsEqualGUID

comctl32

ImageList_SetIconSize

shell32

SHGetFileInfoA

wininet

InternetSetOptionA

urlmon

CoInternetCreateZoneManager

comdlg32

GetSaveFileNameA

shlwapi

SHAutoComplete

Sections

.text
Size: 30KB - Virtual size: 1008KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE