fd0283bc23ae9dcc0fbbe0add8a5b2aa_JaffaCakes118 | Triage

Sharing

General

Target

fd0283bc23ae9dcc0fbbe0add8a5b2aa_JaffaCakes118
Size

244KB
MD5

fd0283bc23ae9dcc0fbbe0add8a5b2aa
SHA1

b68553cd94d9db4cd563db5050f17cfa59e7ee41
SHA256

78d550f1cd318fabebc89c1fbd22b178dc3650085e9908cb3094425cf93a4947
SHA512

707fdb99c96d8b9bd90a7094fc440a40309d538865a8bfd96ecadc8ce52966223b5afd84c86a7987a2baaa935059fa6905b31bfc60d511c6c1546c86a9b0ceae
SSDEEP

6144:qOivxa68SMCoREu0o3g1LNY6WVvFj1CRTtnMyFoPIc0pvSgZ:qOV6zMCbub3GmJ1FRYtnMyyP6pNZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd0283bc23ae9dcc0fbbe0add8a5b2aa_JaffaCakes118

Files

fd0283bc23ae9dcc0fbbe0add8a5b2aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

782facb7c135d1488e7a4f180f20cbcf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
GetLogicalDriveStringsA
GetCurrentProcessId
LCMapStringA
EndUpdateResourceA
SetCurrentDirectoryW
SystemTimeToTzSpecificLocalTime
GetPrivateProfileStringA
GlobalAddAtomA
WaitForMultipleObjects
WaitCommEvent

user32

GetWindowThreadProcessId
EnumDesktopsA
TranslateMDISysAccel
MessageBoxExA

gdi32

GetCharWidth32A
CloseFigure
Escape

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE