fb54ded455e96a4a13367c2fd3d07dd6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb54ded455e96a4a13367c2fd3d07dd6_JaffaCakes118
Size

172KB
MD5

fb54ded455e96a4a13367c2fd3d07dd6
SHA1

dce8b2355b4cc7741cb1fe045490fc75b19a27c0
SHA256

67082c638cdf35e46fbd7759a84e175bace0471a93fcab6923a2cdca5900fe5e
SHA512

778c6805b988475e253f7f9ce177163d288e91efe4c10ac892da89c86cd37985b34cd4a7baa0af99ff0dbf34d2266585280bcf88ca176344209730aaaa5ccbca
SSDEEP

3072:KTw8yyV6K42HDsWlUh0RJe7zm6VoOXZ8tsg1HVodNZRrco5ZnH36qcSxj:K8CV6ijs8Uh6+a6VoOXZ8tp1odao5BX5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb54ded455e96a4a13367c2fd3d07dd6_JaffaCakes118

Files

fb54ded455e96a4a13367c2fd3d07dd6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c258666abc5ef9b08affdf515c720dad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetDefaultCommConfigA
WaitNamedPipeA
ResetWriteWatch
WriteFileGather
ReadDirectoryChangesW
FormatMessageW
QueueUserAPC
GetStartupInfoA
WritePrivateProfileStructW
ReadConsoleInputW
WinExec
RemoveDirectoryW
VirtualProtect
GetLastError
lstrlenA
BuildCommDCBA
OutputDebugStringA
WideCharToMultiByte
CreateDirectoryExW
MoveFileW
GetTapeParameters
GetShortPathNameA
LocalShrink

gdi32

DeleteObject
DeleteDC
SelectObject
CreateDIBSection
CreateCompatibleDC
GetDeviceCaps
CreateDCW
BitBlt

Exports

Exports

TAlx
TBbx
TBdyf
TBgd
TDfa
TDoj
TDvax
TDzxv
TFbb
TFnzj
TGpf
TGph
TGzh
THdc
THnbj
THpd
TJel
TLsn
TPbk
TPjlgn
TPmrnl
TPtmv
TPzjv
TRpm
TTev
TUfrbn
TZvvsx

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE