fb010d7c14f6bd3388add09fb27e4e0b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb010d7c14f6bd3388add09fb27e4e0b_JaffaCakes118
Size

38KB
MD5

fb010d7c14f6bd3388add09fb27e4e0b
SHA1

ef17747391d697e6b062494f5937dd1f9fde8f7c
SHA256

ca924b4f779f2689ba0fbef093b42cc8a0e008f629647e6d0e1f6e53c07f4999
SHA512

b0d71c230c702df1b277bc8b593939558f9cb89a2053240022b2fc7cf14ff976888f676360b6a899ad1e18b00e5cef0bb99d9a2d6183aea48002f4bab4135fcb
SSDEEP

768:humpdtmCnm1j+61XpOOIl5NW4X6KhfI2BdiBnkBvCnj3xj7zk5W8KI6z:JdtlnsvFgOA5NRXNhrB8SEzpfjS2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb010d7c14f6bd3388add09fb27e4e0b_JaffaCakes118

Files

fb010d7c14f6bd3388add09fb27e4e0b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

febb7bc041236cb678c053662f7c7d2a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleOutputA
GetFileAttributesA
GetConsoleInputExeNameA
OpenWaitableTimerA
CallNamedPipeA
GlobalAddAtomA
GetPrivateProfileIntA
GetModuleFileNameA
CreateEventA

user32

CallMsgFilterW
RegisterClassA
IMPGetIMEA
VkKeyScanExA
GetWindowTextLengthA
GetPropA
GetMonitorInfoW

gdi32

RemoveFontResourceW
CopyMetaFileW
EnumFontsA
RemoveFontResourceW
GetTextExtentPointA
CreateScalableFontResourceA
GetGlyphIndicesA

Sections

.icode
Size: 30KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.share
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.share
Size: 1024B - Virtual size: 765B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ