fadfd336ff862c1bd64d2cc02872b673_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fadfd336ff862c1bd64d2cc02872b673_JaffaCakes118
Size

183KB
MD5

fadfd336ff862c1bd64d2cc02872b673
SHA1

8634e321e49a772806698950c603bcc9c7a7f3da
SHA256

76010f5aefa3b056d87f5d7e5070cbcd23a8315c91af4eccc60692aba28f513e
SHA512

981bef8cdeb7a39d777333d9eab1133764f4d8c4e5a764051156722aabf1c7a93e780b7028ebed18f9583baeba57027a2c49e4f7173a42fd1cd9bad2813cb26a
SSDEEP

3072:A5pWdfDRfxbJtGO0HhGG3zHnkzTNTAoBZccgrSgWVPPKw9rdFN/SmQ1WAO7F3:AafDlLtgkYe5Zccc5WVPPKmLFsWTx3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fadfd336ff862c1bd64d2cc02872b673_JaffaCakes118

Files

fadfd336ff862c1bd64d2cc02872b673_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ce4f7753924d0d1b84ab311bc20cba50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNumberOfConsoleInputEvents
WaitForMultipleObjectsEx
OpenThread
GetWriteWatch
ReleaseMutex
HeapFree
SetConsoleCursorMode

user32

GetClipboardOwner
SetWindowPlacement
DdeQueryStringW
GetScrollBarInfo
CallWindowProcW
CreateDialogParamA
UserClientDllInitialize
SetLayeredWindowAttributes
GetKeyboardLayout

shell32

StrStrIA
ShellExec_RunDLLW
StrChrIW
StrCmpNW
DoEnvironmentSubstW
SHBrowseForFolderW
Control_RunDLLA
SHFileOperationA

Sections

.text
Size: 9KB - Virtual size: 811KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 170KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ