b50768fa460a0f97d9e1408f3f9a1665_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b50768fa460a0f97d9e1408f3f9a1665_JaffaCakes118
Size

346KB
MD5

b50768fa460a0f97d9e1408f3f9a1665
SHA1

8d1871169429ccb33734b49ca4303ca3cc23e74b
SHA256

7b939fde978bc49315f04460c3ed1adb713a9f6c932c63be9a8b77447aa05a2f
SHA512

48db24eea9e5ae764160f5cf047eb3f1dbb88acf19f038dfc800f080666a6bffb763ebc6b670e9c8d45797a7aae3d454a39b6c76ec935f1dee318c94a03f1a31
SSDEEP

6144:PCv+X4Azhkak3yePTuPXItWBe01Plfnk6ZvO8suP21KNFUPB6sM+qfiKPgVhY9Ru:PZX4AU3yEW3Bnk6zaK76BnAf/g3Y9Rc9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b50768fa460a0f97d9e1408f3f9a1665_JaffaCakes118

Files

b50768fa460a0f97d9e1408f3f9a1665_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21784ef85ebe7fe83ccf16222302dca3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FormatMessageA
GetLastError
SetLastError
VirtualAlloc
CloseHandle
MapViewOfFile
CreateFileMappingA
VirtualFree
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameA
GetModuleFileNameW
GetVersionExA
VirtualQuery
SetFilePointer
ReadFile
CreateFileA
UnmapViewOfFile
WideCharToMultiByte
OpenFileMappingA
GetCurrentProcessId
CloseHandle

user32

MessageBoxA

shell32

ShellExecuteA

Sections

.text
Size: 16KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE