fb02d0ef3126d45cb6602a427c0222fe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb02d0ef3126d45cb6602a427c0222fe_JaffaCakes118
Size

18KB
MD5

fb02d0ef3126d45cb6602a427c0222fe
SHA1

80f1016648b7d91cbd1cee5aec00ca949c2fa2ce
SHA256

6aa5e82aec17562079fec83a947748a4c9765aa9aeb8cbb4aca7b56672de0a9e
SHA512

3dff7425fe3d76a5818b1adab89902770fe8238b31a734c8c54acd0c2542ba1b1da71480898450126e665b0068bdde19c0522a4baffb3a03780f11e9bdfbf1e4
SSDEEP

192:6SUorMlHtTw1zZkYTRCOp7343D3o8/7crfsOqzyznYv/WU/6W3Y5a:9UoreHtEIYlkD48Tcjxwp6pa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb02d0ef3126d45cb6602a427c0222fe_JaffaCakes118

Files

fb02d0ef3126d45cb6602a427c0222fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13be740c12cea7a37f648d0c2036c512

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetCommandLineA
GetTickCount
WaitForSingleObject
HeapReAlloc
GetModuleHandleA
SuspendThread
SetConsoleCP
GetSystemDefaultLangID
GetVersion
HeapCreate
GetAtomNameA
CompareFileTime
LoadLibraryExA
CloseHandle
InterlockedExchange
GetConsoleCP
WaitForMultipleObjects
lstrlenA
GlobalUnlock
VirtualProtect

user32

CreateMenu
GetKeyState
GetCursorInfo
DragObject
InvertRect
DispatchMessageA
DestroyMenu
CreateIcon
FillRect
GetDlgItem
DrawCaption
DialogBoxParamA
FindWindowA
SetScrollInfo
IsDialogMessage
SetWindowPos
InsertMenuA
DragDetect
SetPropA
GetKeyboardLayout

winmm

PlaySoundA
auxSetVolume
OpenDriver
auxGetVolume
CloseDriver

version

VerQueryValueA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ