fa7d77259a615a3ba7324afb4fd49c8e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa7d77259a615a3ba7324afb4fd49c8e_JaffaCakes118
Size

82KB
MD5

fa7d77259a615a3ba7324afb4fd49c8e
SHA1

b54976297f1f6c6eb1a732254af60a84d0075a92
SHA256

6c7c48109c4eeb2b9c8ed16363943adeb789d4eb39d5dedde76fc2304e466804
SHA512

00c0a73f73c77b9f5ca05651669c0151c6ba033e24a4f6dc0937e23113a73f64d1a68955f789a046f805b5f9a7177eb7801dd8661c947c5a09b997a86e37f697
SSDEEP

1536:9t+qVCgBIqs7CXp4+bjreUiA6UKyHz1A4p/iJbKy/R5HR9GtlFiUWg8jAHQ:9tBCcg+Xp5jwAVK7mkKGTH/4riUjWn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa7d77259a615a3ba7324afb4fd49c8e_JaffaCakes118

Files

fa7d77259a615a3ba7324afb4fd49c8e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

93c6c73136d3be79741b2f03534dc28f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
SetPriorityClass
VirtualProtectEx
SetLastError
GetStartupInfoA
GetModuleFileNameA

user32

BeginPaint
GetUserObjectInformationA

Exports

Exports

Fdxamess
Cxbbvplsj

Sections

.text
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rcode
Size: 544B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata1
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ