fc1670c27b1f7482692503fffaa8a21a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc1670c27b1f7482692503fffaa8a21a_JaffaCakes118
Size

441KB
MD5

fc1670c27b1f7482692503fffaa8a21a
SHA1

1e9d6e8aa7f960206f6867ea0a0f623643f7eacb
SHA256

b0fece233f620fd4b274625d5bcf32cf96e7529521e41fd18768ad5b30de8535
SHA512

414711c24d6ee7cc1ff9a3247fdfe6eec76dab59b214b31498747fd84a2f34e92ad14a666d4f2ae6dc1f4fed8abd53e79da8636151b7c2c848a8bd5134e70bb2
SSDEEP

6144:Lmx4CxyPzAW63p5ZCuZuI+Yg0pAKdUcBuRpbWszU6rZQamY:YxkAWgpvCuZLJDpAK3uRB9t2a1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc1670c27b1f7482692503fffaa8a21a_JaffaCakes118

Files

fc1670c27b1f7482692503fffaa8a21a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

89bb73eaaa76ad2b69f0dbc086b25f55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomA
CompareStringA
GetOEMCP
GetProcessHeap
LocalAlloc
GetStdHandle
TlsFree
LoadResource
ReleaseMutex
SetEvent
TlsGetValue
VirtualAlloc
OpenSemaphoreA
GetThreadLocale
GetModuleHandleA
GetConsoleCP
LocalHandle
GetVolumeInformationA
CreateThread
GetPriorityClass
GetUserDefaultLangID

user32

GetClassNameA
GetActiveWindow
GetWindowTextA
InvalidateRect
DrawTextExA
IsWindowVisible
GetClassInfoExA
GetSystemMetrics
ShowWindow
CloseWindow
IsIconic
ReleaseDC
GetDC
GetWindowTextLengthA
ValidateRect
GetWindow
GetForegroundWindow
GetFocus
RegisterClassA

shell32

SHGetFileInfoA
SHGetFolderPathA
SHGetMalloc
SHBrowseForFolderA
SHChangeNotify

userenv

LoadUserProfileA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ