fadb49b1fd370686011f238105f856ce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fadb49b1fd370686011f238105f856ce_JaffaCakes118
Size

25KB
MD5

fadb49b1fd370686011f238105f856ce
SHA1

5eb662ce45209d36aaf59c6a99804884eb49c220
SHA256

972c3e5ce01de6ff60d2a1f9a22582b1cd6e9f7fa6ba1c6488bd4fde134a3c3b
SHA512

d227a42a245ac451173ff1d62e7aa3a4ee438113482832fe0638e7d71e7ec885a1b80f9423d77c801a83ab6ff9743a01863613dbc3891e90629c952277ab67e3
SSDEEP

768:7vNWYLq3/9yCX8pUwvCpIrBG30y6d2Icxnz6XupYw9kE9:hWPFpXoU2T0EBSJ3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fadb49b1fd370686011f238105f856ce_JaffaCakes118

Files

fadb49b1fd370686011f238105f856ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d185a8fa2b67cc39811cc4c066cee044

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lcreat
NlsConvertIntegerToString
CreateIoCompletionPort
GlobalMemoryStatus
SearchPathW
VirtualAllocEx
LZStart
CmdBatNotification
CreateActCtxA
GetSystemWindowsDirectoryW
HeapQueryTagW

user32

DdeClientTransaction
CharNextW
EnumDisplaySettingsExW
GetLastActivePopup
EnumClipboardFormats
GetAltTabInfoW
IsZoomed
GetProcessWindowStation
DefFrameProcW
PostQuitMessage
InvalidateRect
SetMessageExtraInfo

Sections

.text
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ