d62ee9cfb30686c155dd46ea03188f93_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d62ee9cfb30686c155dd46ea03188f93_JaffaCakes118
Size

2.6MB
MD5

d62ee9cfb30686c155dd46ea03188f93
SHA1

3929f5cfd07dd7a39c58fb421f23f1bd36087e06
SHA256

f0994f320ebe946d204f9f567f812b8c9baa5dafd0cfebc62a48cd82ee69ed9d
SHA512

a9ccbe86775d828a863700c4979fb1146152d845761f79db75c1aeade6698e97a34e92eb421a4826ab9b0ecd490e095aeceb9350166b6f8a1d80e1e0bc21294c
SSDEEP

49152:hC+ErHG/+M7+oECMhRIFJx3xi15HM+8hZ1uxV2qlSCO3aGgE8wtkMP5eJemfQu3X:hC+ErmrSdX0bdxiTHM+8hZ1uxVXlSCOG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d62ee9cfb30686c155dd46ea03188f93_JaffaCakes118

Files

d62ee9cfb30686c155dd46ea03188f93_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c4c1b3614aa82a7840761c349fc804d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetDC

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
LoadLibraryA

advapi32

RegCloseKey

comctl32

ImageList_Add

comdlg32

GetOpenFileNameA

gdi32

SaveDC

mpr

WNetGetConnectionA

ole32

OleDraw

oleaut32

VariantCopy

shell32

SHGetPathFromIDListA

urlmon

URLDownloadToFileA

version

VerQueryValueA

Sections

.text
Size: 47KB - Virtual size: 7.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE