fc2df8c2e9d1f50c1b08f1982214dc2a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc2df8c2e9d1f50c1b08f1982214dc2a_JaffaCakes118
Size

372KB
MD5

fc2df8c2e9d1f50c1b08f1982214dc2a
SHA1

494cc6e3c769052de8207aef7a28adc3f3579968
SHA256

4dd327a94c006639cfb1fe4be945901d83135a10fc9e13e2c853e7b5ed1e2708
SHA512

179059acd04f8e4f4b4261d29eea70faf4358d2400b66554f49cdea68aa7f96bba20047891aedd4602ec88994d9d9fc8ab574f181d142763c689a7923e1e619e
SSDEEP

6144:mtT1jvjVcVAC2FXgEr8fE0ASg3/YQvRNMVlJi41fv4Dw:0vjVkCrSvoZNyl5fwD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc2df8c2e9d1f50c1b08f1982214dc2a_JaffaCakes118

Files

fc2df8c2e9d1f50c1b08f1982214dc2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

483aede8443018325350c5bbcb08c7dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
VirtualAlloc
ReleaseMutex
SetEvent
GetTickCount
FindVolumeClose
LocalFree
GlobalSize
GetExitCodeProcess
GetLocalTime
GetModuleHandleW
ExitThread
CloseHandle
GlobalFree
GetComputerNameW
GetPrivateProfileIntW
FreeConsole
CreateFileW
GetDriveTypeA
ReadFile

user32

GetCursorInfo
GetClientRect
DispatchMessageA
EndDialog
DrawStateW
CallWindowProcA
GetClassInfoA
CreateWindowExA
GetMenu
GetSysColor
SetFocus
GetDlgItem
GetKeyState

clbcatq

DllGetClassObject
ComPlusMigrate
ComPlusMigrate
ComPlusMigrate
ComPlusMigrate

ntshrui

IsPathSharedA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ