feac3dddc723326610656922868246fa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

feac3dddc723326610656922868246fa_JaffaCakes118
Size

747KB
MD5

feac3dddc723326610656922868246fa
SHA1

64be159cf4060ec5a5d15bea478900755baffd40
SHA256

4f79921311e667ec3ff899fab347d0b393bbe41f70b35e922783050c59efef9c
SHA512

76e65f36eeba4d9eb2c4bb783c81f86f6db06d8a3066a4eebab8fd0daa9857706b47d5b42f3feaea26968a309d0a226bccc82f8e471e19a90178afa58d53d7ca
SSDEEP

12288:tnncq8/pgRg6I34RxpFu/cp+PZ48nkd65lijO/pzK+OGNHk9TM0xFnO7/6EbfrtN:p8/J6443zywyZ42kEEjuzK+OqkK0i/64

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
feac3dddc723326610656922868246fa_JaffaCakes118

Files

feac3dddc723326610656922868246fa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2dbaa3827d8134d6134f6ec1fa5ca56e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateDirectoryA
CancelIo
GetCurrentDirectoryW
GetModuleFileNameA
FindClose
GetCommandLineA
GetDriveTypeA
CloseHandle
GetFileType
GetStdHandle
lstrlenW
Beep
HeapCreate
ExitThread
GetCurrentThreadId
CreatePipe
WaitForMultipleObjects
GetStdHandle
CreateSemaphoreA
HeapFree
GetFileAttributesW
GetModuleHandleA
IsBadWritePtr
GlobalSize

uxtheme

GetThemeColor
GetWindowTheme
GetThemeTextExtent
CloseThemeData
GetThemeSysSize
DrawThemeBackground
DrawThemeEdge
CloseThemeData
IsThemeActive
OpenThemeData
SetWindowTheme
GetThemeBool
GetThemeTextMetrics

iaspolcy

DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE