c8d912da343dc260ec975a557682e113_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8d912da343dc260ec975a557682e113_JaffaCakes118
Size

34KB
MD5

c8d912da343dc260ec975a557682e113
SHA1

327b9a5ab75462c3fcae0c759ff57a77a7f9c6d3
SHA256

3e1cbf4ffb0367277990f79d56ff7594789f1ec99f5cbdccbf9484134428d03e
SHA512

8cd79b8cb7dad86c7537cf5748c7e12aabfc47e53462a9e767c8616683b3e7fdabfa25feea33c8c4a50e0373df6f23b31cf480dba61131c52148c4ed7177d7cc
SSDEEP

768:AmH/G25fP9quSBsnDdkpNLLZ62aRiAvm5SGnMR8verNym:RXXlnRsNHZ5aRTvOnMR8verNym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8d912da343dc260ec975a557682e113_JaffaCakes118

Files

c8d912da343dc260ec975a557682e113_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c21ce859e487b7afd4118522beec37e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
CreateWindowExA
DdeCmpStringHandles

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetACP
TlsSetValue
lstrcpyA
Sleep

oleaut32

SysFreeString
GetErrorInfo
SafeArrayPtrOfIndex

advapi32

RegQueryValueExA
RegSetValueExA

gdi32

UnrealizeObject

version

VerQueryValueA

ole32

CoUninitialize

comctl32

_TrackMouseEvent

wininet

InternetGetConnectedState

winmm

timeGetTime

Sections

.text
Size: 25KB - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE