fd0aa4bda00a1a8ac2f42d7a9bf087d9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd0aa4bda00a1a8ac2f42d7a9bf087d9_JaffaCakes118
Size

321KB
MD5

fd0aa4bda00a1a8ac2f42d7a9bf087d9
SHA1

fc3641a6a3b233b406ecc91d60ebbb595e378539
SHA256

0a8a9b86106b18dcfe1005c630e46ba0a4ca8b21f6e0fdaa06ea8301160e62e3
SHA512

9dbabfadb42c139ba2101f6cff8442739dad33b7bea1ab950691763b8b62f4374f66df3a8dd92b497c29aa2e325d886c889bd8217659761369e1762d59480495
SSDEEP

6144:WdVhzctJoYKS6/TJ80uIe1NF/5dVI4vYXbuleeehcJY1CZ/Hko8ZjJjsXPpPkYfE:WdctJM/TJXe1RLYrutehGZ/v6JAXhMYs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd0aa4bda00a1a8ac2f42d7a9bf087d9_JaffaCakes118

Files

fd0aa4bda00a1a8ac2f42d7a9bf087d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f7738180f6d9d2d69c3f7e4e9506922

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
InterlockedExchange
GlobalFree
GetACP
GetStdHandle
Sleep
LockResource
GlobalUnlock
SetConsoleOutputCP
GetDriveTypeA
EnterCriticalSection
GetLastError
RaiseException
SetErrorMode
GetLocaleInfoA
HeapCreate
FoldStringA
VirtualProtect
GlobalAddAtomA
LoadLibraryExA
GlobalDeleteAtom

user32

GetCursorPos
GetMenuItemInfoA
ShowWindow
CharToOemBuffA
SetForegroundWindow
GetWindowTextA
GetFocus
ClipCursor
DrawEdge
IsIconic
GetClassNameA
ReleaseDC
GetParent
BeginPaint
EndPaint
GetActiveWindow
DrawTextA
ValidateRect
GetWindow

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerInstallFileA
VerFindFileA
VerQueryValueA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ