fcb4b481fe3f78db48225dc8ad551f68_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fcb4b481fe3f78db48225dc8ad551f68_JaffaCakes118
Size

32KB
MD5

fcb4b481fe3f78db48225dc8ad551f68
SHA1

b8030430f92440020e7c83ef31279d318689c5d1
SHA256

3f6f84caa1c106386f5bde01e01fa0c88dd53f100b27fa7fe5cdd5d153051dc4
SHA512

6ab893863c3394084c41b9d28dd7ca8b39a8bcbbc7c3973f802cfce4fefd5505f033ec16318a2a5146724295f9fd42d417216e0bc7759f59dac0d91f5be51ea4
SSDEEP

384:6MfBmqF+Qs5iwvOzxyI5s1eRLhSgEQiZ+4cOA5tmbO251KDpKDpKDM:6MB+QYiwvSxyUsOhSgEbcOg0bOi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcb4b481fe3f78db48225dc8ad551f68_JaffaCakes118

Files

fcb4b481fe3f78db48225dc8ad551f68_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea102a6c92db52adc357d42e011d09b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
CloseHandle
GetLastError
GetThreadLocale
GetProcAddress
VirtualAlloc
LoadLibraryA

user32

DispatchMessageA
TranslateMessage
GetMessageA

oleaut32

VarCat

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ