fbe3ee73d4b9d577b4ab9a70dc76d671_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fbe3ee73d4b9d577b4ab9a70dc76d671_JaffaCakes118
Size

168KB
MD5

fbe3ee73d4b9d577b4ab9a70dc76d671
SHA1

6807fe09509ab9c3113e35eb8b4f299fb5485729
SHA256

e41455991fde808524d4d8d55c93ebef6960dd0c5a8c7b2912eb6c6d7227cdd4
SHA512

35d50415664de1ec6ad8d6e79b71efcd5deb90d7a96154f9c7013aef534a7c15b7479626c831e93e42a14092fde93d35a9b2784b76edcd55b913c7e6043a18ff
SSDEEP

3072:qFZYJ/Sd5O0mcum/evf8WsiRNi4NtQF0fOAFXBaFpizsgVok:qAlWO0TYX8WsiRN9MF0fhRRjVok

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbe3ee73d4b9d577b4ab9a70dc76d671_JaffaCakes118

Files

fbe3ee73d4b9d577b4ab9a70dc76d671_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34c6965b3c6756da26ff5dea92b0b400

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
TerminateProcess
HeapSize
GetSystemTimeAsFileTime
FreeLibrary
HeapReAlloc
IsDebuggerPresent
SetFilePointer
WriteConsoleA
IsValidCodePage
GetDateFormatA
WriteFile
GetLocaleInfoA
GetCPInfo
EnumResourceNamesA
GetCurrentProcessId
SetStdHandle
GetStringTypeW
GetConsoleOutputCP
GetOEMCP
InitializeCriticalSection
RtlUnwind
GetTimeFormatA
LoadLibraryA
SetUnhandledExceptionFilter
GetACP
MultiByteToWideChar
UnhandledExceptionFilter
RaiseException

shlwapi

SHCreateStreamOnFileW
PathIsContentTypeA
PathAppendA
SHCreateStreamOnFileEx
PathIsFileSpecA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 142KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ