fabcbbabaa55319f7018d2c703e6d527_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fabcbbabaa55319f7018d2c703e6d527_JaffaCakes118
Size

42KB
MD5

fabcbbabaa55319f7018d2c703e6d527
SHA1

f2fb4cb3f3c2c5ec3e05f09a9a0846af4c49e1af
SHA256

f4786045413f994ab7f67a99fbab4113f7ab40e0627faefef519f73d7408285a
SHA512

2bff9ead53496dfd57cf5cd601dfa992766fdba9cac46f050132a35225053b61531a47523e3c5b2ae0bc067d6c7f55a26e8a0d1f48a7c55d6fe008ea95f6870d
SSDEEP

768:+imfitjM1Gq9BKVigp0gTNdIM6V58VUSkV9zfxS30AKCxJJIrzds:+imSjMcq0OiP6WDSzQ311xJJyz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fabcbbabaa55319f7018d2c703e6d527_JaffaCakes118

Files

fabcbbabaa55319f7018d2c703e6d527_JaffaCakes118
.exe windows:5 windows x86 arch:x86

94c984121a90091582fab3aecfff1efa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
VirtualAlloc
GetProcAddress
VirtualFree
HeapAlloc
MapViewOfFileEx
LoadLibraryA
CreateFileMappingA
GetCommandLineA
GetModuleHandleA
UnmapViewOfFile
CreateFileA

user32

DialogBoxParamA
LoadIconA
LoadCursorA

advapi32

RegOpenKeyA

comctl32

ord17

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ