a929001aa8f1411e3181977ccd457af1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a929001aa8f1411e3181977ccd457af1_JaffaCakes118
Size

489KB
MD5

a929001aa8f1411e3181977ccd457af1
SHA1

0aa416d4914e7e0dbeb6b3f701aa5a70b72faf08
SHA256

c7193c9e254df6f71f28154a72e9df2226a40ed55e66ccf43c13306ad5baff70
SHA512

1c7cfed25f0b9da2c10013cfc2092c7865aca7595b85f19ff77015054a2b4a421912fc4e7c7937c4020d645954b3328f4d034fb834ddfe76b743393665e9c393
SSDEEP

12288:WAcqreA7HUrX4npxBu5w8l+pTOWH/UgOho:WAcmvHUWpxBYvlM3/Ugb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a929001aa8f1411e3181977ccd457af1_JaffaCakes118

Files

a929001aa8f1411e3181977ccd457af1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9b1367cd8ec5bc368703bd039296e4ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetDC

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
LoadLibraryA

advapi32

RegCloseKey

comctl32

ImageList_Add

gdi32

SaveDC

ole32

CoInitialize

oleaut32

VariantCopy

shfolder

SHGetFolderPathA

version

VerQueryValueA

wininet

InternetOpenA

winmm

timeEndPeriod

Sections

.text
Size: 19KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE