fad32f449d64cd16c7e98b7f86be602b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fad32f449d64cd16c7e98b7f86be602b_JaffaCakes118
Size

54KB
MD5

fad32f449d64cd16c7e98b7f86be602b
SHA1

6aaf4418db1efd0374921b027680a62affb9a9f9
SHA256

d2c57524e04f12c2bdfe6c187fcd0fa8602f55575f0dcae04f8f78a2e97ae41d
SHA512

de27493bf9aa6f8aaa1dbdeea2f0635e2d6886e74341e36059bc3253122d97cf6042d2547b65d6e2351f874a9dfec0d4cd965b202142f2ddcc84a840379d65bb
SSDEEP

768:N5+MYaWf3OztK1f42aDiz9o8JYTElfKwhISGYXyYo:1YaWfGKAD89rKEd+nY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fad32f449d64cd16c7e98b7f86be602b_JaffaCakes118

Files

fad32f449d64cd16c7e98b7f86be602b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

890ad6ec476801a0678eb405ecb9dfe6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostQuitMessage
RegisterClassExA
LoadCursorA
GetWindowTextA
TranslateMessage
UpdateWindow
LoadIconA
GetMessageA
DispatchMessageA
DestroyWindow
DefWindowProcA
CreateWindowExA
SendMessageA
ShowWindow

kernel32

_lwrite
_lcreat
_lclose
GetModuleHandleA
ExitProcess

gdi32

CreateFontA

Sections

.text
Size: 1024B - Virtual size: 886B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE