fccb4751ca4bea12cc073b25c7da0c8a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fccb4751ca4bea12cc073b25c7da0c8a_JaffaCakes118
Size

8KB
MD5

fccb4751ca4bea12cc073b25c7da0c8a
SHA1

e3e19dc5a27df55f1bfaa0c562eef189882997cf
SHA256

5b67d8ce14ad94bcd98d39f6a50998662e89938015f1c781861c7ea764088051
SHA512

0188fe097cf3ba3d9011548b9a5bf03ea52807a6a02c1cc8d035a1825a80cb3c8ef856cf12979d9709351454add1bf5904d0d8a5e279359e240ae5e478abd3ba
SSDEEP

192:PGW4boVnQrzTwc2pc0APtGAUQEYrAs7/WcUSt17kuG:PzaQQrzUAPtGAUQlrAsqcXXdG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fccb4751ca4bea12cc073b25c7da0c8a_JaffaCakes118

Files

fccb4751ca4bea12cc073b25c7da0c8a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c72f6dea011ea41b172c26e76b1c6d36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExA
ShowWindow
LoadIconA
LoadCursorA
TranslateMessage
UpdateWindow
PostQuitMessage
SendMessageA
GetMessageA
DispatchMessageA
DefWindowProcA
CreateWindowExA

kernel32

lstrcpyA
lstrcatA
TerminateThread
SleepEx
RtlZeroMemory
LoadLibraryA
GetProcAddress
GetModuleHandleA
CancelWaitableTimer
CloseHandle
CreateMutexA
CreateProcessA
CreateThread
ExitProcess
GetCommandLineA
GetCurrentDirectoryA
GetLastError
GetModuleFileNameA

shell32

Shell_NotifyIconA

urlmon

URLDownloadToFileA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ