fadab98eca91593e87c02df7091ab0e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fadab98eca91593e87c02df7091ab0e3_JaffaCakes118
Size

55KB
MD5

fadab98eca91593e87c02df7091ab0e3
SHA1

93c841d3da5e126a3718c964233896d05321619d
SHA256

b54b31c9eb4bd41f4fac753396814d34efd84a65a1723a0875a5ca08129d4e75
SHA512

81f1358d70b953435b883328099adaa0af7efea0a096fe13a5c2476ffd007198bd9930f64c9f341bd1853d29baf6d55882bb65573363a2e743ef05b06f2c46ac
SSDEEP

1536:FAy0+JmHjkso9I5+1nJ4q/ARS0AXuxmKph:2y0+Qjk99a+1zojAXvKph

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fadab98eca91593e87c02df7091ab0e3_JaffaCakes118

Files

fadab98eca91593e87c02df7091ab0e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88cdb13829e12a1b38ff8dc6d84da512

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
GetDriveTypeW
LocalFree
SetLastError
FreeConsole
GetDiskFreeSpaceExA
IsBadReadPtr
TlsGetValue
EnumResourceTypesW
FindClose
ResetEvent
LoadLibraryExW
GetModuleHandleA
VirtualProtect
GetLastError
GetCommandLineA
IsBadStringPtrA
CloseHandle
GetDateFormatA
CancelIo

advapi32

GetFileSecurityA
LsaSetSecret
RegCloseKey
CloseEventLog
RegCreateKeyExA
LsaClose
IsTokenUntrusted
OpenEventLogA
FreeSid
CloseTrace
AccessCheck
RegLoadKeyA
LsaFreeMemory
RegCloseKey

glmf32

glsBinary
glsGetError
glsCharubz
glsBlock
glsChannel

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ