fbe3ada44c99cf7271dbabc48bc3f256_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fbe3ada44c99cf7271dbabc48bc3f256_JaffaCakes118
Size

64KB
MD5

fbe3ada44c99cf7271dbabc48bc3f256
SHA1

f326f47953eaf558c512389dd7ac066d03595e47
SHA256

bb3df6d6acce90d68b9b91989dec9ceea4906d9548879844a8d43bd0deca047d
SHA512

24940d83d5b19cc8ee94a6d418a1e62ef92280bae6643d10cd48007be8a07a2c0509d7c620d9981ce3f0c5ac0c78fe450f05e7edd83ad6588387beb9467f1c7b
SSDEEP

1536:vcmva3jFFCOYnb7R26DM1S9FpRN8n87nXMQ6l:vDa3ZFCOAZD9zRNGOn8fl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbe3ada44c99cf7271dbabc48bc3f256_JaffaCakes118

Files

fbe3ada44c99cf7271dbabc48bc3f256_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6764baeb8d960aa00c9977cb9882bb94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DriveType
FreeIconList
OpenAs_RunDLL
SHFindFiles
SHFree
SHUnlockShared
PathResolve
SheConvertPathW

kernel32

ExitThread
CreateThread
FatalExit
ExitProcess
CreateThread

user32

GetMenuState
CharToOemW
GetClassWord
DestroyCursor
CreateIconIndirect
FindWindowW
GetUpdateRgn

Sections

.text
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE