fa45ed9b0fcb5f0683d1ec5e104ca8f5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa45ed9b0fcb5f0683d1ec5e104ca8f5_JaffaCakes118
Size

165KB
MD5

fa45ed9b0fcb5f0683d1ec5e104ca8f5
SHA1

c852e0967f669d76941c2285fe38795c6238a71c
SHA256

d450c73c65fe9686fc80c37aa9f20d3e49b2671a0ed9a14519d54051b8a3ce7a
SHA512

1200410f965dfd341a70059a1093e55206ef609bfe6bd10ed35bc3b7b500cf67eb63cad76386923240a676467e78b6e2f1c2be46b3f1284257edd4d20adc8046
SSDEEP

3072:8z2o69bdzZLe06ArfYj/JIuOcmeK5PaICR6WctSMZgZ0W9Du92q:62V6kgjhIuOsK0etSMZ6uT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa45ed9b0fcb5f0683d1ec5e104ca8f5_JaffaCakes118

Files

fa45ed9b0fcb5f0683d1ec5e104ca8f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ac8aede2e42202f7d6e79e36c32fdaa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalFileTimeToFileTime
ConvertFiberToThread
SetCurrentDirectoryW
FindClose
FindResourceW
FreeLibrary
SetThreadPriority
FindFirstFileW
LoadResource
CompareStringA
EnumResourceNamesW
GetShortPathNameW
FileTimeToLocalFileTime
GetLocalTime
SetErrorMode
RegisterWaitForSingleObject
FindNextFileW
GetStringTypeW
FileTimeToSystemTime
SystemTimeToFileTime
SetEnvironmentVariableW
SearchPathW

user32

InvalidateRgn
RealGetWindowClassA
GetCapture
ValidateRgn
ValidateRect
SetCapture
ReleaseCapture
ExcludeUpdateRgn
GetUpdateRgn

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ