fc3304ddf2544205bd65bbed2c8ea031_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc3304ddf2544205bd65bbed2c8ea031_JaffaCakes118
Size

22KB
MD5

fc3304ddf2544205bd65bbed2c8ea031
SHA1

eb4057ea7663df304e6ef236bb2100a992d21860
SHA256

e09a40370be107508d97e86f0dac00a08ce524b64d4a94ff331479798cb42058
SHA512

80e7cc1c933ac7a0f0e9b3f872961e2606d5283f29a47b7ebe35debb15e09fc24360c7b9375995e829d1b16b546d286f3a82ef579fb18b9fd69edccb9f989fbd
SSDEEP

384:T6m2ZKK8LQ3Xqo9SLjkX83nmkmwYteKBSFV9o8QrwM6gVfX2JPus+O:T6m2ZKK8cqm7XwqwY4KgLy1s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc3304ddf2544205bd65bbed2c8ea031_JaffaCakes118

Files

fc3304ddf2544205bd65bbed2c8ea031_JaffaCakes118
.exe windows:1 windows x86 arch:x86

3f1fd416d2d15acd20795d00ede68df6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
GetShortPathNameA
GetPrivateProfileStringW
FindResourceExW
GetCurrentDirectoryA
GetLogicalDriveStringsA
GetProfileSectionW
GetPrivateProfileStringW

user32

GetTabbedTextExtentA
DdeInitializeA
DialogBoxParamW
LoadIconA
GetMessageA
DefDlgProcA
DrawTextExW

gdi32

CopyEnhMetaFileW
GetTextExtentPoint32A
GetEnhMetaFileA
GetICMProfileA
DeviceCapabilitiesExA
SetICMProfileA
GetLogColorSpaceW

Sections

.rdata
Size: 18KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ