b2a022f2e230110d34510357df443dd0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b2a022f2e230110d34510357df443dd0_JaffaCakes118
Size

19KB
MD5

b2a022f2e230110d34510357df443dd0
SHA1

f20afca764ab807a2b64d1cd04dec58f60c46c02
SHA256

3ea9094b9da706af2020d6b9a1c960027a957f251a0968c6bdf774883e5fd996
SHA512

ac3e23278322deac74dea773dba0e8d0ef4149d288172934a24b9434cc83cc61c9923cc9430009a10ad79d5d95718794963bfe658e75966938683ee6bcc77b4b
SSDEEP

384:1Ph6lTkq48/kU+dR69axVOWVhJg/2OfQTrxKlfnQO3C5jEiawxYM51sa:u48/R9a+ua2OfQTrMhMYY51sa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2a022f2e230110d34510357df443dd0_JaffaCakes118

Files

b2a022f2e230110d34510357df443dd0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15d09ed8beff818d03867db001f5ee4f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
MessageBoxA
MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetModuleFileNameA
GetModuleFileNameA
CreateThread

ws2_32

inet_addr

Sections

.text
Size: 19KB - Virtual size: 468KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE