fbc480ac78216ba64e416573c150e2f8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fbc480ac78216ba64e416573c150e2f8_JaffaCakes118
Size

33KB
MD5

fbc480ac78216ba64e416573c150e2f8
SHA1

3b25ab3a7360011eaee4131128230c4079bb7142
SHA256

50ce54e5e9beb158b1318b740202dc3f470320c37b5a277237fbb9e91af2e778
SHA512

987fb29d78f2ef4023b51c6e8bae5db6318cc03e6393295f991d69f37987daccd3cbb06ef21058d7b0474e2e348758680606d3c18641d7d557a79539b98b1ccf
SSDEEP

192:X5vGIBZOk7oyuDSq0qfc6YUYVbvYdXz+0W6WC2NnvLLmNQaSDq:XVGIT03Sqfc6vuDh6WC2NnvLKh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbc480ac78216ba64e416573c150e2f8_JaffaCakes118

Files

fbc480ac78216ba64e416573c150e2f8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

28264035dbd4393da4cd26e640890d40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetLastError
ExitProcess
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

advapi32

RegOpenKeyExW
RegOpenKeyA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text5
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ewtwe1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ewtwe2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ewtwe3
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ewtwe4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ewtwe5
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ