fc6e2ff9183e3f0b00ec3228044a10cc_JaffaCakes118 | Triage

Sharing

General

Target

fc6e2ff9183e3f0b00ec3228044a10cc_JaffaCakes118
Size

143KB
MD5

fc6e2ff9183e3f0b00ec3228044a10cc
SHA1

d643847272e2b78c3a3fe2ca037a96766efdb063
SHA256

98a63e2731903f5a0501bef487d1c3e702e9a577a92d35abfbb9ecf05fdd7503
SHA512

fae3094ac799d95f31680a44c68a367def2f86d68b27b72b0c25818bd4442824e484b64c9eec757cb4bedf42192929d6050f84be67099056ba0702a3362b3601
SSDEEP

192:fV40WbqI5F+ZTllhgcW3pFSjK4SxXEeHvFo4NcYwg:N4YI5Foje73OObX1v2gcYw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc6e2ff9183e3f0b00ec3228044a10cc_JaffaCakes118

Files

fc6e2ff9183e3f0b00ec3228044a10cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8b2de51e87c38a1e5825c743e785078

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateStreamOnHGlobal
CoTaskMemFree

kernel32

lstrlenW
lstrlenA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
WriteFile
WideCharToMultiByte
UnmapViewOfFile
Sleep
MapViewOfFile
LocalFree
LoadLibraryA
CloseHandle
GlobalAlloc
GetWindowsDirectoryA
GetVolumeInformationA
GetTickCount
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileIntA
GetLocalTime
GetLastError
GetFileSize
GetCurrentProcess
GetComputerNameA
FindNextFileA
FindFirstFileA
FindClose
ExitProcess
DeleteFileA
CreateFileMappingA
CreateFileA
GlobalFree

user32

wsprintfA
ReleaseDC

advapi32

RegQueryValueExA
RegOpenKeyA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
GetUserNameA
AdjustTokenPrivileges

shlwapi

StrStrIA
StrRChrA

wsock32

recv
inet_addr
gethostname
gethostbyname
connect
closesocket
WSAStartup
socket
send

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE