fc90256efd965572b3ca22f64ead4783_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc90256efd965572b3ca22f64ead4783_JaffaCakes118
Size

295KB
MD5

fc90256efd965572b3ca22f64ead4783
SHA1

f5aea9cb2fc3dced57c0ef290f7b12c2ae36a283
SHA256

b695f2f8a139cb30fb5dc465acc71f4cbe0d5835dce3be4c4bf6d136f7290bcc
SHA512

06bfa0720e74cdec2e5741c45e1d2f86988d0e488792c10e892e3f2c2459746bf997198d4b7776cd738dfb2b3130d6da5fd9140c7fc232e74b31ae6c1255e625
SSDEEP

6144:OWEJx0ZOWrtM+8a91pYkwASjEmzCyAv2IvCjD37J3ApdI3vbgrCz9W:mOp3Lm+2IvCH37+pdgv1z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc90256efd965572b3ca22f64ead4783_JaffaCakes118

Files

fc90256efd965572b3ca22f64ead4783_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eab748594b3725714e16c1add6c27aeb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
CreateMutexW
CompareStringA
CompareStringW
GlobalSize
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FreeResource
OpenThread
TerminateThread
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpynW
LoadLibraryW
GetWindowsDirectoryW
GetSystemDirectoryW
MultiByteToWideChar
LoadResource
LockResource
SizeofResource
FindResourceW
ExitThread
GetLongPathNameW
GetFileSize
VirtualAlloc
ReadFile
VirtualFree
CreateThread
GetModuleFileNameW
GetCommandLineW
GetTempPathA
GetTempFileNameA
IsValidCodePage
WriteFile

Sections

.text
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ