fa45ff89d03aa5bade00a78a55c518e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa45ff89d03aa5bade00a78a55c518e4_JaffaCakes118
Size

110KB
MD5

fa45ff89d03aa5bade00a78a55c518e4
SHA1

29e42d752d222786439bcfef2d827c62b149c90f
SHA256

0fe0696d032505ca9e3c6d36a0b02f106cf37c93ff581a65715d1eb5cc50138b
SHA512

f8d5370f99f6f45718d757cbf734ebfd023d0fe49b1125e788225332494094d3318272e9801d928201a10fe34594eb469f6d4203da5e3b353608a8887eda0505
SSDEEP

3072:8SXb8gaB7FZy97N5SCsu2oh40kv3VucVEp:8SRaB7E7N5Fsu6vFu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa45ff89d03aa5bade00a78a55c518e4_JaffaCakes118

Files

fa45ff89d03aa5bade00a78a55c518e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9bd480d4b595978838101d6421c5f6c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlFillMemory
FindCloseChangeNotification
CreateTimerQueue
GetProfileIntA
SystemTimeToTzSpecificLocalTime
GetConsoleTitleA
GetProfileStringA
VirtualFree
GetWriteWatch
GetNumberFormatW
DosDateTimeToFileTime

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 41KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE