a68182d5f4907e43b8b15f03d1b46adb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a68182d5f4907e43b8b15f03d1b46adb_JaffaCakes118
Size

66KB
MD5

a68182d5f4907e43b8b15f03d1b46adb
SHA1

17ed0f06868fd37c8bc7f7dfa135626eb61aac5d
SHA256

8081f7ed7d2d959a21cfca4b40dd5154bfcd1ade0cc48bd179472c561dc72974
SHA512

fc87587123a93781dbc34adec021e4d1abdba2f3c44660fedbb526b2838e701d136fbfa1354ec87ec783a858d3bd5ca8826562d276b9eb7535bf7fe7497bcd61
SSDEEP

1536:8gbfghbz47wor758KKalrH+/NbgSLccj9YiYbiuTNXCu:8gzghd+FfrH+FsIcm9YrTNSu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a68182d5f4907e43b8b15f03d1b46adb_JaffaCakes118

Files

a68182d5f4907e43b8b15f03d1b46adb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33e41d4289916751b73be0986575adf1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
CharNextA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
CloseHandle

advapi32

RegCloseKey

oleaut32

SafeArrayCreate

urlmon

URLDownloadToFileA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 20KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE