28921c0e1d3603063141460349413d0e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28921c0e1d3603063141460349413d0e_JaffaCakes118
Size

153KB
MD5

28921c0e1d3603063141460349413d0e
SHA1

b6b815f6560180a71c2366867487453c8ef29af9
SHA256

1ab85511a1f8960908108242aaa8b5da25f511eebe828f628f2b1da978e88bbe
SHA512

afd9ea2b85acd081c7de8c67f718d50db84ff25a77c5d3f7b4b8853fc5412b088904ec8f2ffd2a8aaf72c9def4c47f64c8e991b798a8219aea9c1b15a91606c3
SSDEEP

3072:rHpe96K5WRoIAuwLRDKBD/VphaYO/Q2Z0sZwKHUJ/Beyhp:rHpY6K5hjUpt3aYO/Q2Z0osgyH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28921c0e1d3603063141460349413d0e_JaffaCakes118

Files

28921c0e1d3603063141460349413d0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58bc315907d66bd6874cde66e709755a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA

msvbvm60

_CIcos

Sections

.text
Size: 22KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE