fbf6d5edc90f7da46f84e3b933915735_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fbf6d5edc90f7da46f84e3b933915735_JaffaCakes118
Size

7KB
MD5

fbf6d5edc90f7da46f84e3b933915735
SHA1

7fc7e38f09ee967a9060f0c01059db22a4305817
SHA256

e1eb976b69172fe62dddd970be8dfaa115f2ac2fb8e79828019561d0fcab8b52
SHA512

f2da16f2d3882b7121c04a4bb3cd9d1da383da8adba448d3e9e8829b79f4980ae66f5834f6d7f8075b632bc9fecc5d43f7b2ab4299da737dbdff4c6f946a7151
SSDEEP

192:i5scvSjR0xB76U4MSF0qh5qE3RZ9HP1oyn:i576MsMSz5q89v1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbf6d5edc90f7da46f84e3b933915735_JaffaCakes118

Files

fbf6d5edc90f7da46f84e3b933915735_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bdc44fa1f1b0cd9481b44f7d2f00e0e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
GetStartupInfoA
GetCurrentDirectoryA
GetPrivateProfileSectionA
GetFileSize
CloseHandle
WriteFile
GetCurrentThread
GetTempPathA
Sleep
lstrcmpiA
GetSystemDirectoryA
GetModuleHandleA
VirtualAlloc
VirtualQueryEx
ReadProcessMemory
GetThreadContext
TerminateProcess
SetThreadContext
WriteProcessMemory
VirtualProtectEx
ReadFile
VirtualFree
SetThreadPriority
CreateProcessA
CreateFileA
ResumeThread

user32

wsprintfA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

msvcrt

_initterm
strstr
??3@YAXPAX@Z
??2@YAPAXI@Z
strncpy
strcspn
memmove
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_controlfp
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

iphlpapi

GetAdaptersInfo

Sections

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE