fc01cc481d553c813e793e92f79e8097_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc01cc481d553c813e793e92f79e8097_JaffaCakes118
Size

364KB
MD5

fc01cc481d553c813e793e92f79e8097
SHA1

46dc0780753d86163bacaa9cce7aecc9a71c0315
SHA256

1a4cb502e74427f4fc28c8f1a29afb0ba2257b57c9cee3328578eefc55f5a080
SHA512

0c1b3586b3cab2e0c093d9f5bbe225cfd562d4328351d0b24c68f1a7ba337dd9715f8fe060734bff017523d91b9ac277bfc18685dec713f6f1be9a093702430a
SSDEEP

6144:Z6Q7qb77OTZEX+Kbzg6qu1JtOXOJ13EtwEGbkhdt1qs3LU4YN:ZqbCOOQtO+7EeEfzqqL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc01cc481d553c813e793e92f79e8097_JaffaCakes118

Files

fc01cc481d553c813e793e92f79e8097_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ada64abd2a67c3ac1ad54c9faa665d56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetVersion
LoadLibraryExA
HeapCreate
CompareFileTime
HeapReAlloc
GetAtomNameA
GlobalUnlock
GetTickCount
ResumeThread
SetLastError
GetConsoleDisplayMode
lstrlenA
GetModuleHandleA
WaitForMultipleObjects
GetConsoleCP
GlobalSize
InterlockedExchange
WaitForSingleObject
GetCommandLineA
GetUserDefaultLangID

user32

DragDetect
CreateIcon
GetWindow
wsprintfA
ShowWindow
GetTitleBarInfo
DrawTextA
FillRect
BeginPaint
GetClassNameA
GetParent
AnyPopup
SetForegroundWindow
FrameRect
GetDC
GetFocus
EndPaint
GetCursorPos
ReleaseDC

rastapi

DeviceDone
AddPorts
PortClose
DeviceListen
DeviceConnect

quartz

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ