fc446363bd0a486caaa751f321e72b06_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc446363bd0a486caaa751f321e72b06_JaffaCakes118
Size

379KB
MD5

fc446363bd0a486caaa751f321e72b06
SHA1

7881ff4b5c56ebf9e299bd09a42e10e21849d379
SHA256

ebd44ab37ce83c9253127e434df0761fe6993fd88f21fab61e001542c7da9117
SHA512

f3edd37e07311340b509739ca646367204b9211fd5099fde9e61ca315c918fae8b6427514ca89d314d41093e1b775b88a05832c8dd8181889747c6b403aa57d2
SSDEEP

6144:y2PHtyGegTW6wQc76eS1Zrbiwq+0/FxP/rHsjE7:yYNzegTW6wl76xVNIzPTHsjE7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc446363bd0a486caaa751f321e72b06_JaffaCakes118

Files

fc446363bd0a486caaa751f321e72b06_JaffaCakes118
.exe windows:1 windows x86 arch:x86

359684a0387c8dc4a528a2b52ffcedad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetBkMode
SaveDC
BitBlt
CreateFontIndirectA
SetTextColor
RectInRegion
RestoreDC

kernel32

Module32First
HeapCreate
GetCurrentDirectoryA
GetModuleHandleA
GetStartupInfoA
WideCharToMultiByte
HeapAlloc

user32

SendMessageA
GetWindowThreadProcessId
ExitWindowsEx
KillTimer
CloseClipboard

version

GetFileVersionInfoA
VerQueryValueA

ole32

CoInitialize
CoSetProxyBlanket
CoUninitialize
CoCreateInstance

msvcrt

_wexecl
fgetwc
_XcptFilter
exit
_controlfp
_acmdln
_adjust_fdiv
_exit
__getmainargs
__p__fmode
_initterm
_except_handler3
__p__commode
strpbrk
__setusermatherr
_getwch
memcpy
__set_app_type

shell32

SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteA

comdlg32

GetSaveFileNameA
ChooseFontA
GetOpenFileNameA

comctl32

InitCommonControlsEx
ImageList_Create

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ