fc09943be566d931f9ff9960fbd3d3f0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc09943be566d931f9ff9960fbd3d3f0_JaffaCakes118
Size

5KB
MD5

fc09943be566d931f9ff9960fbd3d3f0
SHA1

c0646a305d0b4d29cad7ef6dec291f5378ac834b
SHA256

1049f90181c87dade972c243909183dac75ba56738df5b9e6458dee19bd59e28
SHA512

6084414b260fa40f14dd0851ff448c5a561d53c1fcd8ec521d6dd803a24a1631b678b94428e4a26cb23cc68d478fb822bc640629ace7a2adb68bdbb90daa7e2c
SSDEEP

96:OLElQxrgi0WO5aSJcXoM3Bn5FnfdWIyq6:soQVHXoGBnnn1WIyq6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc09943be566d931f9ff9960fbd3d3f0_JaffaCakes118

Files

fc09943be566d931f9ff9960fbd3d3f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4dc7319125d09d349679e58854714f20

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
lstrcatA
lstrcpyA
WideCharToMultiByte
WaitForSingleObject
CompareStringA
CreateToolhelp32Snapshot
Process32First
CloseHandle
SetFileAttributesA
GetModuleFileNameW
ResetEvent
HeapAlloc
HeapFree
GetProcessHeap
ExitProcess
GetModuleHandleA
SetEvent
ExitThread
GetProcAddress
CreateThread

user32

EndPaint
ShowWindow
DispatchMessageA
PeekMessageA
CreateWindowExA
TranslateMessage
MsgWaitForMultipleObjects
DestroyWindow

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE