fc34def261279c552028c5ef89bc0f46_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc34def261279c552028c5ef89bc0f46_JaffaCakes118
Size

3.8MB
MD5

fc34def261279c552028c5ef89bc0f46
SHA1

d1239942cb4edf79cff6f5fa9698136dcedc2c52
SHA256

ff3589c184eaee4f66259865da1959c0b366332375e45ec056e03552bf18c1a7
SHA512

65eea0ceeb9103111fc320732ff0c1a5f0a537f4d1e9aeb8bb373e25b5df5b0cb46f88a3b0270f377f2c79a0bc67beb265a1e7bec64376720201b7ab47a765f1
SSDEEP

98304:4eMEK2iGGg4hUfQq7cm+1t3oNlQ/y9QhJxYpUAIu:vcA0hUJ7N+zWE8Qh4OAj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc34def261279c552028c5ef89bc0f46_JaffaCakes118

Files

fc34def261279c552028c5ef89bc0f46_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d3802abcf4f63986c9134f93614b2bb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentActCtx
OpenProcess
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
VirtualAllocEx

user32

EnumChildWindows
InflateRect
WaitForInputIdle

tapi32

lineMonitorTones

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 7.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ