fd5c2afcaf52edd2280c8e1f4776a5c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd5c2afcaf52edd2280c8e1f4776a5c2_JaffaCakes118
Size

717KB
MD5

fd5c2afcaf52edd2280c8e1f4776a5c2
SHA1

f81283ebd548ae298eba134088862753b244c1e0
SHA256

a151c15a9ce8c508533954bf213e0b9d053e68af4c37eb4159a28d4e41a9d83a
SHA512

316ddc8b6004b309c3ac53d703b579476b0ec75d14ae0ce9b8a6b2c9db1e184afe5eb08617f991ee0ce6883f3f406de44a4080e042b05056e9b4df0d70fe88f8
SSDEEP

12288:dUqxSEDT5n4GhQn8LnzB4XG0wBtuycNTpvWLQ8c9GwtW8rsxyC3fpQ:BkyTyxnSN4XG00tsL+LQ8cswQwsYC3hQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd5c2afcaf52edd2280c8e1f4776a5c2_JaffaCakes118

Files

fd5c2afcaf52edd2280c8e1f4776a5c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f61ef053e13a2cd8035284214ad33c90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GetACP
GetModuleHandleA
VirtualProtect
GetVersion
WaitForSingleObject
CloseHandle
GetProfileIntA
HeapWalk
GetAtomNameA
ResetEvent
TlsFree
GetConsoleCP
GetTickCount
lstrlenA
SetEvent
CompareFileTime
LoadLibraryExA
FindAtomA
InterlockedExchange
HeapReAlloc

user32

SetPropA
LoadIconA
EqualRect
ScrollDC
GetDlgItem
SetSysColors
GetMenu
GetKeyboardLayout
PostMessageA
GetParent
DispatchMessageA
GetSubMenu
MessageBoxA
InsertMenuA
GetScrollRange
GetWindowLongA
PostQuitMessage
GetMenuStringA
DialogBoxParamA
DestroyMenu
CopyRect
ShowWindow
ModifyMenuA
UpdateWindow
SetWindowPos
EnableScrollBar
InflateRect
TranslateMessage
GetWindowTextA

msi

MsiCloseHandle
MsiEnumProductsA
MsiDoActionA
MsiGetMode
MsiEnumClientsA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ