fe401ad6e528cb9e2b7f7a34acd0f365_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe401ad6e528cb9e2b7f7a34acd0f365_JaffaCakes118
Size

413KB
MD5

fe401ad6e528cb9e2b7f7a34acd0f365
SHA1

d1e5b4d94a84aa37ff092080d0d4a1678d3190aa
SHA256

ee3e91eb5f2fb1497500081854b0f4e9b75df5679a44e783c12d1f33f2d8ab7a
SHA512

9ed86b4d25ae39348a56e9b980f4a74eda3904d9f9bf68f0d66bf6298779d3f0b48d8124eaafb3045976a3e6fae177af3920c4fca4c673fe00f97406e54fb683
SSDEEP

6144:fUGoNREtUzhIBhwrtKQeMixD10lqk3A+8sJSy91qBrXVXHMOXXNdgtCxdJS0:fiW6bcOZ3AuwiqBrFpXXg0W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe401ad6e528cb9e2b7f7a34acd0f365_JaffaCakes118

Files

fe401ad6e528cb9e2b7f7a34acd0f365_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd90ac8a2cd92a0d4b2281fe9a7ce1ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMailslotA
GlobalFree
GetProfileStringA
GlobalFlags
GetTapeStatus
LocalHandle
CloseHandle
EnumDateFormatsA
FindAtomA
GetOEMCP
EnterCriticalSection
GlobalLock
GetUserDefaultLangID
GetModuleHandleA
GetProcessHeap
GetVolumePathNameA
ExitProcess
GetStdHandle
GetProfileIntA
CreateJobSet
VirtualAlloc

user32

ReleaseDC
ValidateRect
BeginPaint
DrawEdge
GetParent
GetWindowTextLengthA
GetClassNameA
GetDC
ShowWindow
GetFocus
GetWindow
EndPaint
CloseWindow
GetForegroundWindow
GetWindowTextA
RegisterClassA
IsIconic
GetClassInfoExA
GetActiveWindow

gdi32

GetCharWidthA
ExtCreatePen
CreateDCA
CreateDIBitmap
GetColorSpace

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ