Static task
static1
Behavioral task
behavioral1
Sample
fcd061f7e7d0d39f4c8b780f33b0f115_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
fcd061f7e7d0d39f4c8b780f33b0f115_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
fcd061f7e7d0d39f4c8b780f33b0f115_JaffaCakes118
Size
163KB
MD5
fcd061f7e7d0d39f4c8b780f33b0f115
SHA1
b13dd47abdd83ca101ce75d1a2beaf96c419610a
SHA256
8d8504f10ef8bac5deea880db2d7b5f821ffa9922feb4a55a6a9232a5c41fc1d
SHA512
f27aca016d04f070eb54ab1da9021463cc5fe4e407444c4c8ce4fb0e911ef3daba5058237f8892c8e8b73fbea11540e0baa839206bfc6021eb6c1405fb1ba107
SSDEEP
3072:qI/nVYjKoA7DTbBQE3CqO8iRTSyc57Aw2xgIgdvj4CAwLTVs:qSnSKH/qEfWxSyc1ixgIQhy
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fcd061f7e7d0d39f4c8b780f33b0f115_JaffaCakes118
Files
fcd061f7e7d0d39f4c8b780f33b0f115_JaffaCakes118.exe windows:4 windows x86 arch:x86
54e079a0bef98d29110c32f621939ea5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
oleacc
LresultFromObject
CreateStdAccessibleObject
shell32
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
advapi32
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyExA
RegSetValueExA
kernel32
VirtualQueryEx
LocalAlloc
CreateProcessA
RaiseException
EnumResourceNamesA
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
OpenFileMappingW
GetSystemTimeAsFileTime
InterlockedExchange
ole32
StringFromIID
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
Sections
.text Size: 102KB - Virtual size: 102KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 972B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 57KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ