fe9691fca4c7799f835e3bd1ba907573_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe9691fca4c7799f835e3bd1ba907573_JaffaCakes118
Size

48KB
MD5

fe9691fca4c7799f835e3bd1ba907573
SHA1

e2bb2933125d47d3600e8bab4989709c0557e717
SHA256

1952c32df1eec0cf0e404cf63c8c18278be473d90b187c6ccd8f1f31c8bd5a46
SHA512

282c39acecccc2b44cb5c2f40267a3c50e6da0fe826a7e78f82b2e883c2d2ce9b190a8b7d900247ed5473bbf5aab512e128542a002ddacf15f0f1f34b1206fbe
SSDEEP

768:SfI6x+9oyIr0UniAzugbQj2rME+7/oH4PMLINpvfL7zkQjWfHotFmnCWQvA8zu:6II+9oyrifawPA/w4qILr71oHoz0Qv3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe9691fca4c7799f835e3bd1ba907573_JaffaCakes118

Files

fe9691fca4c7799f835e3bd1ba907573_JaffaCakes118
.exe windows:1 windows x86 arch:x86

3b16ef3c3dc6e7010a038b6325f0a226

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
GetModuleHandleA
ExitProcess
LoadLibraryA
VirtualProtect
GetSystemTime
ExitProcess
lstrcatA
CloseHandle
GetModuleFileNameA

user32

MessageBoxA
SetCapture
ReleaseCapture

Sections

.newpe
Size: 44KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE