fd39c6437e25927eb90a67fa385f74e8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd39c6437e25927eb90a67fa385f74e8_JaffaCakes118
Size

813KB
MD5

fd39c6437e25927eb90a67fa385f74e8
SHA1

8c103597841e7ea8750329e1bf013ae836cf0dca
SHA256

fcdc8e267e781d533414a97a4089019993b964a2fdea48132b81499031c41b76
SHA512

93c4a9fa9ae93e4f2031944e6e5d44002fe0c4978e9aca879b29a7f6771d08cc3a82fbb2fdb2fc53a8de44eb90bd9c7c8f3e356ab5c99d54396955e39a1e53b9
SSDEEP

12288:+LTgNak1Ulyb8i60fqYa610M8eoCweGI7oSLqdgjz6+einjMCwbajsOxTHNSUJRF:+LTAak1J1qMy5I5LqdsOonACgnQZDJRF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd39c6437e25927eb90a67fa385f74e8_JaffaCakes118

Files

fd39c6437e25927eb90a67fa385f74e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0703a069b67ae144fa1388bce50f7133

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetLastError
LocalLock
LocalFree
CreateFileA
CloseHandle
GetModuleHandleA
CreateEventA
HeapCreate
GetFullPathNameA
IsBadReadPtr
LoadLibraryExA
IsDebuggerPresent
LocalUnlock
GetACP
FindClose
GetStdHandle
CreateFileMappingA
GetConsoleCP
FreeEnvironmentStringsA

user32

EndDialog
DefWindowProcA
GetDlgItem
EmptyClipboard
SetFocus
GetIconInfo
ScrollWindow
DispatchMessageA
GetMessageA
GetDC
PostMessageA
IsWindow
CreateDialogParamA
DrawIconEx

msasn1

ASN1BEREncFlush
ASN1BERDecBool
ASN1BEREncLength
ASN1BERDecEoid
ASN1BERDecCheck

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ