fc58d5f1e7f273ad6fb37acc1b48f90a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc58d5f1e7f273ad6fb37acc1b48f90a_JaffaCakes118
Size

635KB
MD5

fc58d5f1e7f273ad6fb37acc1b48f90a
SHA1

acce9858cad220f3f1490ee7980a14e71660831d
SHA256

ffb601e8bbc0747f3ad3df0b703236ea318fdb1e2998257397b0290b52daca2e
SHA512

7cea5de97ce00fad457157c65cc522a8da307b70d1343bf66a72ba0ad5c5b8ee0db64d565f0eca11ff3eff985d2997c4621a9f6f3c3693a71a0927c7bb5e31b2
SSDEEP

12288:F9J+a6O5sacse96p6dRg6qgpT5SLIXvsez0buBKki6gEuGLA:Fb76Os19UuRg6qghkkXvse4iUkaEQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc58d5f1e7f273ad6fb37acc1b48f90a_JaffaCakes118

Files

fc58d5f1e7f273ad6fb37acc1b48f90a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5bb5a3e96ff97038c89941d2be5af221

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
RemoveDirectoryA
FindFirstFileExA
GetStdHandle
VirtualProtect
GetACP
SetErrorMode
Sleep
GetCommandLineA
GetLastError
GetLocaleInfoA
InterlockedExchange
GetSystemDirectoryA
GlobalFree
EnterCriticalSection
HeapCreate
RaiseException
LoadLibraryExA
ResetEvent
SetEvent
FindClose

user32

EndPaint
SetForegroundWindow
FillRect
SetActiveWindow
GetWindow
GetWindowTextA
GetParent
FrameRect
BeginPaint
ValidateRgn
FlashWindowEx
GetFocus
ShowWindow
GetClassNameA
DrawTextA
GetCursorPos
wsprintfA
IsIconic
ReleaseDC

dnsapi

DnsApiFree
DnsFree
DnsStatusString
DnsApiAlloc
DnsIsStatusRcode

clbcatq

CoRegCleanup

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ