0d9b77d3e085a6edb15e776235255460_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d9b77d3e085a6edb15e776235255460_JaffaCakes118
Size

431KB
MD5

0d9b77d3e085a6edb15e776235255460
SHA1

dcdf80aaaf06816e02564bd6cf4adc2c16b9334b
SHA256

9f312edf8692078339beaf0dd450528220f05d9db4170645d0c1dc299927526c
SHA512

6666ad26e7b94cab995c4c1c8832af89c70abc851ef70d9238adfca21a0d1c32262507871d0c57f6b4473e95f2042a0d96d494766e634d1a8fbcd3ff9133138a
SSDEEP

12288:k+iPtO8t7aswjmgYCrHUQ1Bo2XQsC/+sbl12MNZa:aOYp8mgrjs2Xk12MNZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d9b77d3e085a6edb15e776235255460_JaffaCakes118

Files

0d9b77d3e085a6edb15e776235255460_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0cbb65033bd96112fd17b097fa030b86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
SetCursor

kernel32

GetModuleHandleA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetModuleFileNameA
LeaveCriticalSection

ws2_32

connect

wininet

InternetCloseHandle

msvcrt

_controlfp

msvcp60

?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z

msvcirt

?get@istream@@IAEAAV1@PADHH@Z

mfc42

ord1176

gdi32

GetStockObject

advapi32

RegCloseKey

shell32

SHAppBarMessage

comctl32

ImageList_GetImageInfo

Sections

.text
Size: 14KB - Virtual size: 784KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE