fa19ebcd15991a2592a79a1d4b5bd164_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa19ebcd15991a2592a79a1d4b5bd164_JaffaCakes118
Size

170KB
MD5

fa19ebcd15991a2592a79a1d4b5bd164
SHA1

c18dd3e771772b213193a998b1051aec8be4f88c
SHA256

1c7882e648a49bdf28d2485ff911a9811f3d81700b6ee0a1e6f45e0f75cb6287
SHA512

39aef7c27afca62add576c0f0ee0b28135a1e4fadbe55bd77954e89c35fd0ab42951d7ec9ca45777a2843ed5b94b7074ac34fa5cae91cf05b6335f20592f4719
SSDEEP

3072:PqyBZ+rgfZQWWfrUJjIp/A1FRaacImfyRYd3AAAnEoUmsxMaYUJuajVp3GpUo4wc:yyT+razHOA13aac3OYinPk5Y4uapcUIT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa19ebcd15991a2592a79a1d4b5bd164_JaffaCakes118

Files

fa19ebcd15991a2592a79a1d4b5bd164_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5e112808441373aef701d800d73a1f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ScrollConsoleScreenBufferA
SetConsoleMode
SetConsoleTitleA
SizeofResource
lstrcatA
ReleaseSemaphore
SetConsoleTitleW
CloseHandle

ntdll

RtlEqualComputerName

user32

ScrollWindow
CharToOemBuffW

ole32

CLIPFORMAT_UserFree
OleRun

gdi32

SetRectRgn
WidenPath
GdiGetBatchLimit
GetRandomRgn
ResetDCA
SetArcDirection
AddFontResourceA

shlwapi

SHRegWriteUSValueA

secur32

RevertSecurityContext

Exports

Exports

I1uSSX
J7q
K827
TUMOpSzlJhXlzJ
WqE
lsmkKT
vHPTA9pavXiqSptOe
yqzsYKaGBqHHZm

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ