be0631ed05a4cbee9c52a21559792d37_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be0631ed05a4cbee9c52a21559792d37_JaffaCakes118
Size

153KB
MD5

be0631ed05a4cbee9c52a21559792d37
SHA1

2dab122a74b1ce7f8b83adebf4f034c8108df553
SHA256

58064e3a005e338331faf3f004c5e4690a4abb3297520936f4abbe755c789cb7
SHA512

f45503d63333e18b5595d0be8b8cf30cef8b9c945814b710b873872758ec159dcdf034e383f1291e570bd1c276991241fd33efa6f9d6753f8a1380149cb6cf38
SSDEEP

3072:+Py41JOOgCjuHc0mP0cWvIeiwpUBGEXN1kNpZN0DM9:oJ5ju25nNGEWNpZNWM9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be0631ed05a4cbee9c52a21559792d37_JaffaCakes118

Files

be0631ed05a4cbee9c52a21559792d37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c2fe897ff9207ddcc74ee35f8b95f8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
FindWindowA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
AddAtomA

msvcrt

__getmainargs

urlmon

URLDownloadToFileA

Sections

.text
Size: 23KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE