Static task
static1
Behavioral task
behavioral1
Sample
fd5753276fa425e062be9ae2d01ca738_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fd5753276fa425e062be9ae2d01ca738_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
-
Target
fd5753276fa425e062be9ae2d01ca738_JaffaCakes118
-
Size
2.6MB
-
MD5
fd5753276fa425e062be9ae2d01ca738
-
SHA1
8fefdbaabda362280f463f5fee56ff6b617209c4
-
SHA256
0e9d8dab64a451640c2e3cf3f6bd3fd347f54f1995cde5935cf84cb29d44042a
-
SHA512
d662ec1893a97494ceb307a6b8e270a2071bbd4d2644dc0f103f1817729fb32f3fb3368d00363bfd299095303103813eae56d8611a8a28192647fee92ba1ddfb
-
SSDEEP
49152:hy3Wsc1Yc3sxl8EA62TK/oQlxG9rQ926pJE6+9vU9DultTDyVP8C:hcW71Ha//pxG9rb6pJE19HltTDyV8C
Malware Config
Signatures
-
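Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. A missing signature is a weak indicator by itself, since many legitimate binaries are unsigned. The static details listed under Imports and Sections carry more triage weight: .text and the first .sedata section are both writable and executable, .text has a virtual size (2.2MB) far larger than its raw size (823KB), and each imported DLL lists a single function, all of which is consistent with a packed or protected executable.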
resource fd5753276fa425e062be9ae2d01ca738_JaffaCakes118
Files
-
fd5753276fa425e062be9ae2d01ca738_JaffaCakes118.exe windows:6 windows x64 arch:x64
ee93ddebbf5258fb8be12e5333dca258
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
WriteFile
iphlpapi
GetInterfaceInfo
msvcrt
_wcsnicmp
psapi
GetMappedFileNameW
user32
GetWindow
advapi32
RegSetValueExA
shell32
SHGetFolderPathW
Sections
.text Size: 823KB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 549KB - Virtual size: 552KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ