Static task
static1
Behavioral task
behavioral1
Sample
fdf0ebd3309ff4cfe545758a18e34cc3_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fdf0ebd3309ff4cfe545758a18e34cc3_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
Target
fdf0ebd3309ff4cfe545758a18e34cc3_JaffaCakes118
Size
38KB
MD5
fdf0ebd3309ff4cfe545758a18e34cc3
SHA1
2b791f652aeb636fd765b17e2ad1541ece16bbd1
SHA256
7b0803aa84c14c3e295be83d0d4b14ca8063da1fc378e50c8db047a0cefe62e1
SHA512
7d43da51ae4f7ba3fb512f998ddc1b45c602cda3b201857f180516c1ddb8142faee7e8d0b45f70a0dbe8f86acc25cde52ebe68e0cdb6597fb1d01ac8c8d0580a
SSDEEP
768:xbwEMqBgN5D4BL7j0Bc/x9eYhfKY42HMy7/lBUCH1AbTDmZh0k12rCPUP4J:xbJMqI5DgL7j0SVmChHW3HkjPq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fdf0ebd3309ff4cfe545758a18e34cc3_JaffaCakes118
Files
fdf0ebd3309ff4cfe545758a18e34cc3_JaffaCakes118.exe windows:4 windows x86 arch:x86
72bddf4a5d2500e7bccd859aaaf4f267
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
AreFileApisANSI
CloseHandle
CreateMutexA
ExitProcess
FindResourceA
GetDateFormatW
HeapSize
IsBadHugeReadPtr
PeekConsoleInputW
SetCalendarInfoA
SetConsoleActiveScreenBuffer
SetConsoleCursorPosition
TlsGetValue
WriteConsoleOutputA
advapi32
CloseEventLog
ConvertSecurityDescriptorToAccessA
CryptGetDefaultProviderA
CryptSetKeyParam
ImpersonateNamedPipeClient
IsTextUnicode
NotifyChangeEventLog
RegCreateKeyA
RegReplaceKeyW
RegRestoreKeyA
StartServiceCtrlDispatcherA
user32
CreateDesktopA
DrawCaptionTempW
DrawIconEx
EnumClipboardFormats
GetWindowTextA
GetWindowWord
IMPSetIMEA
IsDlgButtonChecked
OpenWindowStationA
PostMessageW
SetScrollInfo
ShowWindow
WinHelpW
Sections
.text Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 35KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE