Static task
static1
Behavioral task
behavioral1
Sample
fa8c1b33fc08e11b0ade4025b0612d1d_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fa8c1b33fc08e11b0ade4025b0612d1d_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
Target: fa8c1b33fc08e11b0ade4025b0612d1d_JaffaCakes118
Size: 36KB
MD5: fa8c1b33fc08e11b0ade4025b0612d1d
SHA1: 8622350e1bfa5b0710d44f3626c94c995c8f199c
SHA256: 15a127d327e2ecb31c6bd0b9718db9132203215741270be459381155b72666bf
SHA512: 32d65572b2369a0052b9d688c28d76711f8f1d636fbebe4b54fe88a458c7e6a1401cda24da358f35c10e4b5e4ac5e2241d3f441e4bc8dbea02237f10ef6d1369
SSDEEP: 384:tG3aejXSxRY1xt5uHkRC+BeKyvixDCNRWt:IqeGcUE47KSi52RWt
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fa8c1b33fc08e11b0ade4025b0612d1d_JaffaCakes118
Files
fa8c1b33fc08e11b0ade4025b0612d1d_JaffaCakes118.exe windows:4 windows x86 arch:x86
01484a26ee2c379df120cda3330d53eb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sections
.text Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE