Static task
static1
Behavioral task
behavioral1
Sample
fc8399faf2fc51addd84b60ff6a5a9c1_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
fc8399faf2fc51addd84b60ff6a5a9c1_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
fc8399faf2fc51addd84b60ff6a5a9c1_JaffaCakes118
Size
25KB
MD5
fc8399faf2fc51addd84b60ff6a5a9c1
SHA1
6eaebe6c2d4793f0f5835be4a419bf59eab8a4f2
SHA256
8f835ebfd24e082f653950cb596f640d1e637d3c1b8da81d66a2c7304347dba6
SHA512
433cc6ea8481008d9e9d0e74f4453a54648de6c785b992d8d2e458be86e10530fd9addcfbcba82e629c21b7d1b73d2e053e19152717a8c584d09c3cbc6d4e8c9
SSDEEP
384:guRlMpuKIPxjvMvpY3jl4AAIHxyVf7jaiIGWXJd8UdmIv4Lwt/b1iDn:gcDKKdvyyzlYIRyVfjnJ8b1O
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fc8399faf2fc51addd84b60ff6a5a9c1_JaffaCakes118
Files
fc8399faf2fc51addd84b60ff6a5a9c1_JaffaCakes118.exe windows:4 windows x86 arch:x86
74a6cce7d9ef4aff16a0d60523fbf5dc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateMutexA
GetLastError
GetModuleHandleA
GetCommandLineA
ExitProcess
LoadLibraryA
GetProcAddress
Sleep
FreeLibrary
RtlZeroMemory
RtlMoveMemory
CreateFileA
WriteFile
CloseHandle
TerminateProcess
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
FlushFileBuffers
OpenFile
user32
GetDlgItem
SetFocus
EndDialog
SendMessageA
SetDlgItemTextA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 504B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ