41305d792dfefc6fba8c19bfda4bde23_JaffaCakes118 | Triage

Sharing

General

Target

41305d792dfefc6fba8c19bfda4bde23_JaffaCakes118
Size

153KB
MD5

41305d792dfefc6fba8c19bfda4bde23
SHA1

60829cefecfcbb19027f897f87362ee4b6449da3
SHA256

1548bae0373b369a5bebca5505099f935b7c5236267c53ebf6613839b16acf10
SHA512

066029d5dd175d460b6aaf71594319ed5351e0cb06b253690bbdb15cc167f778c4c45d7b81c991c95f538698f44cad12db832be065b938d0ba1a47e09a047530
SSDEEP

3072:DmPBkm56c7KIQP/9rnIdTBiMZkk8ydLKcNUYV6GSvHBM8lCr:DmPKm5b78zMTBiMuRylKqUY6GaCr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41305d792dfefc6fba8c19bfda4bde23_JaffaCakes118

Files

41305d792dfefc6fba8c19bfda4bde23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c2fe897ff9207ddcc74ee35f8b95f8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
FindWindowA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
AddAtomA

msvcrt

__getmainargs

urlmon

URLDownloadToFileA

Sections

.text
Size: 23KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE