fcedf1c3b504454f5024f4edcb8978f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fcedf1c3b504454f5024f4edcb8978f4_JaffaCakes118
Size

56KB
MD5

fcedf1c3b504454f5024f4edcb8978f4
SHA1

35738a490fc7e98b48cc423ed19443cee3df9a88
SHA256

90eda995672a8c80701f9541ee147974797d011c87ddaa4afbf226e5449c1408
SHA512

01d6e8834a8398809271f84db7bfd4d2a73b0941ee5a526abd610390d9c632f352a67a240e626df7071934fbdf7b96cb8d6ee993b99440a33ad8b1514531896f
SSDEEP

1536:H4L8tTtbqxXTGSEK2Q/0cgx6QroS/mvyxS:H4wtTtqxj8u/0XxIS+v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcedf1c3b504454f5024f4edcb8978f4_JaffaCakes118

Files

fcedf1c3b504454f5024f4edcb8978f4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3936b57bebf54a06d81764c630e25aa1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

K:\oKqfvriMLohcL\ePlAeWkcQjjxfd\jvnsgVnrwkT\zrwNmfLOi.pdb

Imports

gdi32

GetDeviceCaps
GetFontData
EnumFontFamiliesExW
ScaleWindowExtEx

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
_XcptFilter
_exit
_cexit
memset
__setusermatherr
wcsrchr
__getmainargs
mktime
atoi

user32

TranslateAcceleratorW
MoveWindow
PostThreadMessageW
ScreenToClient
wsprintfW
MessageBoxW
DrawFocusRect
GetDC

kernel32

lstrlenA
LoadLibraryExA
GetModuleFileNameA
CancelWaitableTimer
GetWindowsDirectoryW
lstrcmpiW
LoadLibraryA
DeleteCriticalSection
GetACP
SetMailslotInfo
AreFileApisANSI

shlwapi

UrlGetLocationW
ChrCmpIW

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idir
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 26KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE