faa9725f202bcc59516f7e7472d4f9d7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

faa9725f202bcc59516f7e7472d4f9d7_JaffaCakes118
Size

42KB
MD5

faa9725f202bcc59516f7e7472d4f9d7
SHA1

defddf3c272a77a353bcb793ce819f62e0858460
SHA256

1400d883d6e90ae689db61ca5deb180e393ac43a1a594e010e60416e5d082b06
SHA512

60b5893c4ca56ae25138f5754a1ba99dbe7d14737493af6def1a7ed81e76311c9be295c09b22ec946a51c28a911b458575dcfc39c9733891996c6925340b8ea8
SSDEEP

768:B06LecrffKigr5/G1Ipt+CZeMrfNgc9yNr5jRU9U:u6lffKiE5/BiyeMm/Z5jRU9U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
faa9725f202bcc59516f7e7472d4f9d7_JaffaCakes118

Files

faa9725f202bcc59516f7e7472d4f9d7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9eb37757187a78431dfec39593309952

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetCommandLineA
HeapLock
LocalAlloc
IsValidCodePage
LZRead
SetLastError
VirtualAllocEx
OpenProcess
TransmitCommChar
GetVolumePathNameA
GetDiskFreeSpaceExA
GetUserDefaultLangID
GetModuleHandleA
IsBadWritePtr
GetModuleHandleA
GetStdHandle
HeapAlloc
GetConsoleCursorMode
GetBinaryTypeW

user32

GetKeyNameTextA
CharUpperBuffA
EndTask
GetUserObjectSecurity
ToUnicodeEx
CreateIconFromResourceEx
IsWindow
GetUpdateRgn
HideCaret
GetClientRect
GetAncestor
SetMenuItemBitmaps
ExcludeUpdateRgn

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ