Static task
static1
Behavioral task
behavioral1
Sample
fcb2364eddb394beefd94fee3c897ef5_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
fcb2364eddb394beefd94fee3c897ef5_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
fcb2364eddb394beefd94fee3c897ef5_JaffaCakes118
Size
408KB
MD5
fcb2364eddb394beefd94fee3c897ef5
SHA1
bd98d814185e8dec1bd3c331badbada6e381a118
SHA256
e8c07a9b82d5375a795de2cb7a48007e9585492a32ac4d2b057bfeadf7d75142
SHA512
52db4352f6c31184aaf78f0cda42e1e1b339a975714e9ec0aa6b267d3d65bb17fe2d1fa45458f749eae8012bf0308bf002cb8fad305caed3a6ee37ad05becf56
SSDEEP
6144:/r4Q8YpQTXNd2eSVbzDXT+zxita6xnpe068bSJw6GJBDvNQ19:/UxYpyXNd2/bXXyotlxnpxXHJJw19
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fcb2364eddb394beefd94fee3c897ef5_JaffaCakes118
Files
fcb2364eddb394beefd94fee3c897ef5_JaffaCakes118.exe windows:4 windows x86 arch:x86
cfac41548c699e5d4a9d7555a9a190e6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LCMapStringA
ExitProcess
CloseHandle
LoadLibraryA
CreateFileA
GetCurrentProcess
user32
wsprintfA
CreateWindowExA
CharLowerBuffA
CloseWindow
SetWindowLongA
advapi32
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegDeleteValueA
RegQueryValueA
RegSetValueA
RegCloseKey
RegEnumValueA
RegCreateKeyA
Sections
.text Size: 320KB - Virtual size: 320KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 56KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ