fc836b6fd60891761b18ab72a4143703_JaffaCakes118 | Triage

Sharing

General

Target

fc836b6fd60891761b18ab72a4143703_JaffaCakes118
Size

49KB
MD5

fc836b6fd60891761b18ab72a4143703
SHA1

be61332afa76cd805cba1afad34ef80fcd2aa50f
SHA256

8383de44eb1012977fd73983a82e029cdd95df1bf4c8f504ffbd62381d293eb9
SHA512

91922f49099af79e0371a0e2126dfcf930fc1b1659ff67ad86648b6a368cdf14f1e7261e37f8af220aeb95a282a0dae189d149da307fabbdb49237c4e93b50a0
SSDEEP

768:XeErLWnd8e5cUJyxDz2/hoSEWcH98IUvhjHNATUbRtvo0bJd72B600a+Q:XP0Se2Uthz1IUvh7NATUbdtd72J0t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc836b6fd60891761b18ab72a4143703_JaffaCakes118

Files

fc836b6fd60891761b18ab72a4143703_JaffaCakes118
.exe windows:4 windows x86 arch:x86

64205b1e6ed46496ec37fd10f7eaee0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
ExitProcess
FindNextChangeNotification
GetConsoleMode
GetLongPathNameA
GlobalAddAtomW
SetStdHandle
SetSystemTimeAdjustment
WritePrivateProfileStructW

advapi32

BuildImpersonateTrusteeW
BuildTrusteeWithSidA
ChangeServiceConfigA
CryptSetProviderExA
EnumDependentServicesW
GetEffectiveRightsFromAclA
GetSecurityInfo
GetTokenInformation
GetTrusteeTypeW
ObjectCloseAuditAlarmW
ObjectOpenAuditAlarmW
OpenProcessToken
RegConnectRegistryW
RegDeleteValueA

user32

DefMDIChildProcA
DrawStateA
EnumPropsA
FindWindowExA
GetWindowTextLengthW
InternalGetWindowText
LoadAcceleratorsW
LoadIconW
RegisterClassW
SendDlgItemMessageA
ShowWindow
keybd_event

shell32

Control_FillCache_RunDLLW
DuplicateIcon
FindExeDlgProc
SHGetDataFromIDListW
SHGetMalloc

gdi32

CopyMetaFileA
CreateScalableFontResourceA
EnableEUDC
GetClipRgn
GetROP2
GetTextExtentPoint32A
ScaleViewportExtEx

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE