fd6e4d31676159ee51e267736c636576_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd6e4d31676159ee51e267736c636576_JaffaCakes118
Size

290KB
MD5

fd6e4d31676159ee51e267736c636576
SHA1

bdec3ab857a28b4b81747721e4eb184f0e4e8cd3
SHA256

2732e4c1b23dded988e06bc4eaef11454997f8ef84b763fa1459c43259b40d30
SHA512

944bb9e05314cca3dac235b2dec04ccdb416159939551da57f30891b51468225b8743a83d27de72d764a4229c01fb6ec05289f85e7cecd5c3b2c09e2b257b009
SSDEEP

6144:MSG4iCST++DHwaMoSoPaJL9jx048MHN4eG:MSG3IaVSjxjPH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd6e4d31676159ee51e267736c636576_JaffaCakes118

Files

fd6e4d31676159ee51e267736c636576_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c8e092a3c95f886fe2739e2074503b9a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateMutexA
CreateThread
EnterCriticalSection
ExitThread
GetCurrentThread
GetEnvironmentVariableA
GetLastError
GetProcessHeap
GetTickCount
GlobalAlloc
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MoveFileW
ResumeThread
SetEvent
Sleep
TerminateThread
WaitForSingleObject
WriteConsoleA
WriteFile
lstrcmpiA
lstrlenA

user32

wsprintfA
DefWindowProcW
GetMenuItemInfoW
GetWindowLongA
InsertMenuW
LoadBitmapW
LoadImageW
PostThreadMessageW
RegisterWindowMessageW
SetScrollInfo
TileWindows

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ