fca7c7113ca0dc1b42cbe4ade769f919_JaffaCakes118 | Triage

Sharing

General

Target

fca7c7113ca0dc1b42cbe4ade769f919_JaffaCakes118
Size

113KB
MD5

fca7c7113ca0dc1b42cbe4ade769f919
SHA1

24472e5b71a3f859f0ad4e01032ec401d8075ac1
SHA256

72118218e4955647001ae5e72cfc05d2fe205ad2d14ed05ffd29cfece626b57e
SHA512

8e1ab9a132566b62d0a406797e7b5ecc4b92f1329effd657af793b2ccfccb9138f1bfd65756d8e530cb65827bee17288393ccc885442aded4bd3fe4463635e43
SSDEEP

1536:WSGXKYF5j9uf5q9e+S2iUes/hR6roxSIWP1pznRCtKrY4CuywFVURDoq4OZZZLlG:Vg+M9e+biSh8kxSr04rY467RD68wb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fca7c7113ca0dc1b42cbe4ade769f919_JaffaCakes118

Files

fca7c7113ca0dc1b42cbe4ade769f919_JaffaCakes118
.exe windows:4 windows x86 arch:x86

51695fb2d25fa717e24b2f33b3ffe245

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyW
RegCreateKeyA
RegQueryValueW
RegEnumKeyExA
RegSetValueA
RegOpenKeyA

comctl32

CreateMappedBitmap
DllGetVersion
ImageList_Destroy
ImageList_LoadImageA
DrawStatusText
CreateUpDownControl
ImageList_GetIconSize
ImageList_Create

gdi32

CreateHalftonePalette
GetClipBox
DeleteDC
RestoreDC
CreatePalette
SetTextColor
GetPixel
ExcludeClipRect
GetCurrentPositionEx

user32

GetDlgItem
LoadCursorA
CopyIcon
InsertMenuA
DialogBoxParamW

kernel32

DeleteAtom
SetLastError
ReadFile
DeleteFileW
GetLastError
WriteFile
OpenFile
FindFirstFileA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 18B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ