fbc4f51985b8f2227523c1f4c0a7c6b8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fbc4f51985b8f2227523c1f4c0a7c6b8_JaffaCakes118
Size

196KB
MD5

fbc4f51985b8f2227523c1f4c0a7c6b8
SHA1

305405369ca8949c17d6eb988ec9a1fe5c0200ae
SHA256

5cb02c42a5f045668dfa598f13ef0342de613db688745105e667b09705385a3e
SHA512

70944df79d4c8ec079449af9d508216edd30acc9765f384863f1d2a99a0527eb8ba8081572ff7e5959b818db93f19ba5b376c817bc28dca9a90ac626c9913cd0
SSDEEP

6144:eaWsj4lMFaKRb3JDXmetAiFvWVE1WMd80:exlMFjLDXmetAiFvWVwWMd3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbc4f51985b8f2227523c1f4c0a7c6b8_JaffaCakes118

Files

fbc4f51985b8f2227523c1f4c0a7c6b8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ae87acbcc01cee90a65c854e510a597e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\HomykafaaamhoeldabfurupRipeIdle\DouxLunkinWebsdimpanshonadeIdle\PerpFardopMadebanasLairmoxuexec\SlayReelesbentilsotdeirmoxuexec\gibAltsmopsupyommenaeirmoxuexec.pdb

Imports

user32

CharLowerBuffW
SetMenuItemBitmaps
MapDialogRect
RegisterWindowMessageW
MessageBoxExA
RegisterClassExA
CopyAcceleratorTableW
GetKeyNameTextW
CharNextA
RegisterClassExW
GetMenuItemID
GetClassInfoW
IsDlgButtonChecked
InvalidateRect
GetMessageExtraInfo
SendMessageTimeoutA
InflateRect

gdi32

SetPaletteEntries
CreateBitmap
CreateBrushIndirect
CreateDiscardableBitmap
GetMapMode
CreateSolidBrush
PatBlt
SetWindowOrgEx

shlwapi

PathIsFileSpecA

kernel32

CreateSemaphoreW
GetHandleInformation
WaitForMultipleObjectsEx
IsBadStringPtrW
QueryPerformanceCounter
GetLocaleInfoA
LoadLibraryExA
SetCurrentDirectoryW

Exports

Exports

ModifyTaskA@4
IsStringExW@8
CallKeyNameOriginal@12
CancelThreadW@12
GetSectionOld@8

Sections

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ