fc0b8d6d96d4426d44eaeb95f36b2103_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc0b8d6d96d4426d44eaeb95f36b2103_JaffaCakes118
Size

117KB
MD5

fc0b8d6d96d4426d44eaeb95f36b2103
SHA1

e0ec638568a432b1be96eb85216390591c277a86
SHA256

1d6c364519e6ab3bbc992fa706bfadac93e2e94f1d89c3b93d1aaad4a9510c74
SHA512

1e75bb80d582c027676c96295aa100280f41e8d1dce3e608af47bdd2a5041587adbecc0800dc40d3c665fd50a6e07211636215d754a92bd110475964706ef37d
SSDEEP

3072:kKWL+JY5GNkTCRqp1apzo4ApOkZ+0OsT3z:kK71imgQsEkdOsb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc0b8d6d96d4426d44eaeb95f36b2103_JaffaCakes118

Files

fc0b8d6d96d4426d44eaeb95f36b2103_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2f7665e112ae06d89c982b4188f72aee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

R:\viYaY\jNGtwb\BDujQvg.pdb

Imports

user32

CharToOemBuffA
DefDlgProcA
GetWindowTextLengthW
GetMessageTime
SendDlgItemMessageW
RegisterWindowMessageA
GetActiveWindow
IsMenu
GetCaretBlinkTime
wsprintfA
DispatchMessageW
GetScrollPos

gdi32

GetDeviceCaps
StartDocW
SelectObject
GetBitmapBits
GetTextFaceW
LPtoDP
DeleteDC
CreatePalette

kernel32

GetVersionExW
SetCurrentDirectoryA
GetStartupInfoW
GlobalDeleteAtom
CreateFileA
FormatMessageW
FindFirstFileA
lstrcatA
GetNumberFormatA
lstrcpynA
IsValidLocale
FindResourceExA
lstrlenA
WaitForDebugEvent

Exports

Exports

?vqcMZiknRixzdcTbEXw@@YGPAJPAE@Z
?kopSqjW@@YGXPAG@Z
?ewqkklSnBHBzcfu@@YGJPA_N@Z
?JktvflVAjXnMc@@YGDPAGH@Z
?gsuygDeaijxxxjRzqY@@YGJK@Z

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ