a60ab156649471f52c1b9d1e5f31f32f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a60ab156649471f52c1b9d1e5f31f32f_JaffaCakes118
Size

185KB
MD5

a60ab156649471f52c1b9d1e5f31f32f
SHA1

f31a29eb858e7973321bf9ac8f884e0d9fc63946
SHA256

131a0cb8a188cefed9013dc99f5cc036e45f3838f16b39d28705e9aa33ef4c5b
SHA512

d16e3bfd60ed0025f227d643f0720e9b08016597db18e77e9d8ee0017b8f3a6acfb01029804f476c007451253d9ba54a8be350ada26e03b9f33f107a116e5254
SSDEEP

3072:UGRL/GdFRlwhaEsAnfEvj9ADryHwIV9HnQh8isvSHEyM/dajDerUAJ3yUMu:NLOdFRlwkETEirfI3QmxoEb/bUAMU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a60ab156649471f52c1b9d1e5f31f32f_JaffaCakes118

Files

a60ab156649471f52c1b9d1e5f31f32f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c2fe897ff9207ddcc74ee35f8b95f8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
FindWindowA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
AddAtomA

msvcrt

__getmainargs

urlmon

URLDownloadToFileA

Sections

.text
Size: 44KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE