42332a60231feb5eac6d0e1f14992298_JaffaCakes118 | Triage

Sharing

General

Target

42332a60231feb5eac6d0e1f14992298_JaffaCakes118
Size

978KB
MD5

42332a60231feb5eac6d0e1f14992298
SHA1

3b1c25d6afa574311e4604ed5259a3536fb599b7
SHA256

68e27299a98107eca56427648e0b72edc950982c0ab79b880af780ac32bedca9
SHA512

6401a3aa10d2e9a7251cf9e513aaa8142ac820e3aa98a10ccf962ef12c3107f9f1f888ae73a9294da3bf3a6123bd8ebfdca131bac1eb5cc8de88627dbeb0e1df
SSDEEP

24576:qoYLjrr0LyV1b1AJwSqPRrCMbQw+peNoZNNPU:qoO0LmUnC9C0NMtTN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42332a60231feb5eac6d0e1f14992298_JaffaCakes118

Files

42332a60231feb5eac6d0e1f14992298_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d7ae035421f49a0fb8c43d0ca3c2b35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
PeekMessageA

kernel32

GetModuleHandleA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetModuleFileNameA
CloseHandle

version

VerQueryValueA

comctl32

ImageList_Create

shell32

SHGetSpecialFolderLocation

ole32

CoCreateInstance

advapi32

RegOpenKeyExA

Sections

.text
Size: 81KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE