fab8eae114e9ac35b958ab106c0eb30a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fab8eae114e9ac35b958ab106c0eb30a_JaffaCakes118
Size

314KB
MD5

fab8eae114e9ac35b958ab106c0eb30a
SHA1

fb7b881517b226d9ef130f5c4854582b7696f0de
SHA256

1ea9bf987665fa13baf41796387a9b477fc347c39b30b9c0ad5ea323385af181
SHA512

df6e6c2184ab4855714fcf3f099f6d0170f18bcc6581f859fc76e1473d90ce7d5e77bdc094475a56386834163f6e3c22ce42931e50153c6d1ef1fda977ed0aef
SSDEEP

6144:gDg4HlVkL1ikmQ1NnUi2OcKZJOKlH5TZHMiLY/1LZBsfg5P99J+Dsmi3Up28jQM:g03L1BgOznjTZDLY/vTPF+AmaUkEQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fab8eae114e9ac35b958ab106c0eb30a_JaffaCakes118

Files

fab8eae114e9ac35b958ab106c0eb30a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

78c91e4710b57c94e55f2950585469d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExW

user32

LoadStringW

msimg32

AlphaBlend

gdi32

UnrealizeObject

version

VerQueryValueW

ole32

OleUninitialize

comctl32

InitializeFlatSB

shell32

ShellExecuteW

Sections

.text
Size: 290KB - Virtual size: 1012KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE