fbc88bec2ba4530a03492e249f00a956_JaffaCakes118 | Triage

Sharing

General

Target

fbc88bec2ba4530a03492e249f00a956_JaffaCakes118
Size

184KB
MD5

fbc88bec2ba4530a03492e249f00a956
SHA1

096111a6392b239215ddb78ce55448b683cc5603
SHA256

afef753ed47606289fedee8f2c44782abe27c230fafad4de3506885072ebef7b
SHA512

a33ae0663f3ed31e0b95ada8b5e09cf6c08e75cb5130b01c697687a80a57055a744e3f1fb9cedee3ac8e670cab25cbe26d54f26d24a3f07fcd95ac1d3e487e46
SSDEEP

3072:enS+NbzMquVjdUNdVMmicmxJQzfyyMsKlMoEYUobRhA2kvBOQu9imZfHaITxdgbW:4SezMDVZuMoScyUKlMv5OQd23EeNtW5K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbc88bec2ba4530a03492e249f00a956_JaffaCakes118

Files

fbc88bec2ba4530a03492e249f00a956_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f9a0e7fa9fb5a7d04de1c4d6d02c25b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GlobalFindAtomW
WideCharToMultiByte
VirtualProtect
GetThreadLocale
WriteFile
GetEnvironmentStrings
LCMapStringW
LCMapStringA
FreeEnvironmentStringsA
IsBadCodePtr
FindFirstFileA
GetStringTypeA
IsBadReadPtr
EnumResourceNamesA
GetOEMCP
FreeEnvironmentStringsW
ReadFile
GetDiskFreeSpaceA
GetFileAttributesA
SetFilePointer
GetFullPathNameA
FlushFileBuffers
CreateFileA
GetCPInfo
GetStringTypeExW
GetEnvironmentStringsW
SetStdHandle
SetUnhandledExceptionFilter
GetStringTypeW
UnhandledExceptionFilter
MulDiv

rpcrt4

RpcStringFreeA

shlwapi

SHGetInverseCMAP
SHCreateStreamOnFileEx
PathIsContentTypeA
PathAppendA
PathIsFileSpecA
PathCreateFromUrlW

Sections

.text
Size: 92KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ