fb35d2a8713d78c0b55e1f611f26578b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb35d2a8713d78c0b55e1f611f26578b_JaffaCakes118
Size

6.6MB
MD5

fb35d2a8713d78c0b55e1f611f26578b
SHA1

0bf2373dd50936ade72d02cdaf2d7fc17b1b8b17
SHA256

1c6b7448c3ea4c1af9d7fdc273f3b2adee375b22f571d67e43165f84e38f73cd
SHA512

6f5f7296a54dded31b40e97a24efb77ead0275619b6ab30b8e213818b0b26c799b4f68bf27c0f068791b61d811b7ee6e87a1a8816285e3662cd4df9cb99f7286
SSDEEP

98304:tjZUY2Yvd1uOmi+Mi/4xO6v/yFSnPXnFmX+hUFyNpbwE4YrFN8o1Vmohr3MgYKZk:nU7YV0Om/6pPXnFK+TfBgGmW6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb35d2a8713d78c0b55e1f611f26578b_JaffaCakes118

Files

fb35d2a8713d78c0b55e1f611f26578b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a52150260066d3d1529c887a65617b97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
WriteFile
LockResource
LoadResource
FindResourceA
CloseHandle
SizeofResource
WaitForSingleObject
lstrlenA
DeleteFileA
lstrcatA
lstrcpyA
GetModuleHandleA
GetCommandLineA
FreeResource
CreateProcessA
GetTempFileNameA
GetTempPathA
lstrcmpiA

user32

LoadStringA
MessageBoxA

advapi32

RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA

Sections

.text
Size: 4KB - Virtual size: 897B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ