f6df61cd98598b927a51f013b5a39ba3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6df61cd98598b927a51f013b5a39ba3_JaffaCakes118
Size

153KB
MD5

f6df61cd98598b927a51f013b5a39ba3
SHA1

9910dd98ac98ebcb4670368043d027e0e4970a9e
SHA256

1465e77707a6bfa3c2c36617d3acb38043a5f20447a84f70b0206c84f5ff0ad9
SHA512

d47f176bb9abc7754bb45c1877e4e4db92ee4bc517f882284903f16bd37582634e9ec0d6fb8aa3e6bfad04abc349157e36233949b9a401a88cd359f378671d6c
SSDEEP

3072:myg/URGzwNZlmTd5HpYfFJn/p84iQiM0pPHqD7TOXbXBasPt5I9WPKkd3Boe:7g/eGiOjcFJn/ptiQSPHqD7oBnPt5I9I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6df61cd98598b927a51f013b5a39ba3_JaffaCakes118

Files

f6df61cd98598b927a51f013b5a39ba3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c2fe897ff9207ddcc74ee35f8b95f8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
FindWindowA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
AddAtomA

msvcrt

__getmainargs

urlmon

URLDownloadToFileA

Sections

.text
Size: 23KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE