160cc0b489b0f58c7875a326870868da_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

160cc0b489b0f58c7875a326870868da_JaffaCakes118
Size

213KB
MD5

160cc0b489b0f58c7875a326870868da
SHA1

93700176e19748bc8e2cf9b8e7aec33c9e991369
SHA256

c0be9d7d0521f0a12f45b7d204ef3077019fea60899d3d9b2dec3a5e0d69dc11
SHA512

cd2526ad64baead5753e546c189c4abd62d3212584bc64daa63bcf4a7c9c630e4eff41d109b46f4dd2066cbacd0e7a7a46572296e8004ee850248c9d6825b6a5
SSDEEP

1536:5VPWBLriJzs5eLsSLREX7i55Y2o7EgUVn:jmIBL59Si557H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
160cc0b489b0f58c7875a326870868da_JaffaCakes118

Files

160cc0b489b0f58c7875a326870868da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

925d520f5293e67288768f2e5b5319f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
VirtualAlloc
VirtualProtect
VirtualFree

msvcrt

ceil

ws2_32

connect

user32

wsprintfA

advapi32

RegCloseKey

shell32

ShellExecuteA

oleaut32

GetErrorInfo

Sections

.wde
Size: - Virtual size: 124KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wde
Size: 212KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE