fec9fa91d03047030a57300ad829d2a6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fec9fa91d03047030a57300ad829d2a6_JaffaCakes118
Size

304KB
MD5

fec9fa91d03047030a57300ad829d2a6
SHA1

a57381a8b9d8f67b881723fcadbfa6f0bd75b544
SHA256

23df080150de27817c5b2f34836107851af883a71bd70bc2aa07655bb89ca06f
SHA512

44158c22ef489fdd0b652a558b2786aa54797a124b8e21d721e41300972e984beeb3d5f20c8b00f0581e13bed35e9fcf89dad021f42190c57908bf78b6241829
SSDEEP

6144:EDk7UuZec809NI1WkPU36c+iw3VnORV3RFZ1Y/CV:EDTwIskPa6c+RgRHFT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fec9fa91d03047030a57300ad829d2a6_JaffaCakes118

Files

fec9fa91d03047030a57300ad829d2a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5530f109d94baf6a37a4f1b4c936f12b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
GetPrivateProfileIntA
CreateFileMappingA
GetCommandLineA
ResumeThread
MapViewOfFile
lstrlenA
IsDebuggerPresent
ResetEvent
VirtualAlloc
GetModuleHandleW
CloseHandle
ExitProcess
GetPriorityClass
GetSystemTime
HeapDestroy
GetComputerNameA
GetFileAttributesA
LoadLibraryA
LocalFree

user32

GetClassInfoA
DestroyCaret
GetCaretPos
FillRect
GetDlgItem
CloseWindow
DispatchMessageA
CallWindowProcA
GetMenu
CreateWindowExA
EndDialog
GetClientRect
DrawStateA

rasapi32

DwCloneEntry
DwRasUninitialize
RasDialA
DwEnumEntryDetails
RasDeleteEntryA

certcli

DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ