fc8924214819d181084a28a6a150f630_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc8924214819d181084a28a6a150f630_JaffaCakes118
Size

43KB
MD5

fc8924214819d181084a28a6a150f630
SHA1

92681d171ed080ad3ac4bedc00454fd51144974d
SHA256

d43b9a1620b28e30391f5a7f9fc46a3a0dd0ed2d8ea64b130c45b897dcf7100d
SHA512

67b834dd600fd49c174a756d3d4bea9e9ebd1ab910652d28cf0aad41cf01786b4834f10aa756d714d41e8a0876d6ea3defa4a0eb8cd439ce4aa24543b1de4b9c
SSDEEP

768:eo+/j+ToCZPVieXupQU4LTmRfgLK4f0HvW0nADGSmV5SaM+I3NSEAIh4bGgZTJnb:s/jcoiA1gLzQdAKSmPSaWIa4f9nb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc8924214819d181084a28a6a150f630_JaffaCakes118

Files

fc8924214819d181084a28a6a150f630_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2179c8d99309bfe82885a9001f4f4cd3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatW
CreateThread
MultiByteToWideChar
CreateMutexW
CreateFileMappingW
WriteFile
SetFileTime
GetDriveTypeW
GetTempPathW
ExpandEnvironmentStringsW
SetEndOfFile
FlushFileBuffers
GetModuleFileNameA
GetSystemTime
ReleaseMutex
SetFileAttributesW
HeapFree
DisconnectNamedPipe
SetEvent
GlobalLock
CreateProcessW
GetTimeZoneInformation
FindClose
lstrlenA
HeapAlloc
lstrcmpiA
FindFirstFileW
SetThreadPriority
GetCommandLineA
OpenProcess

user32

GetMessageW

Sections

.jqz
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdobqz
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lolcz
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ