Static task: static1
Behavioral task: behavioral1
Sample: fdb057775d942e39c1b1b9f4df4a0ad9_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: fdb057775d942e39c1b1b9f4df4a0ad9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fdb057775d942e39c1b1b9f4df4a0ad9_JaffaCakes118
Size: 41KB
MD5: fdb057775d942e39c1b1b9f4df4a0ad9
SHA1: b61d3f5fb6a3c2e40df177192d57f52a6cff8df4
SHA256: 37726611ff1b3ab941f8a7957683b14f7e78c4ad98d7498d9524d9e58dd6ef34
SHA512: 284364d6dd29bb6d687284a36bc278e9d25e46913f213387424d85d7f90c5c8bd0da7af6691d44492aba628676d02dc2941fbb76d57ed9202811f38782fe6af1
SSDEEP: 384:89lGyny3+m+dJ1sxGuFqdmFP0IxJp5fiN6+2Go2rVzyQV305Kgo6pNWKDiKDiKD:89wFjAuxxiNCGo2p50oJK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fdb057775d942e39c1b1b9f4df4a0ad9_JaffaCakes118
Files
fdb057775d942e39c1b1b9f4df4a0ad9_JaffaCakes118.exe windows:4 windows x86 arch:x86
410b3a22f01a6e4eab9d8e9fc7fe8815
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
GetCurrentThread
LocalFree
VirtualAlloc
LoadLibraryA
LocalAlloc
GetProcAddress
GetModuleHandleA
GetVersionExA
CloseHandle
GetLastError
GetThreadLocale
GetFileType
GetVersion
user32
GetFocus
GetKeyState
DispatchMessageA
TranslateMessage
BeginPaint
EndPaint
GetMessageA
CharNextA
advapi32
RegOpenKeyA
RegOpenKeyW
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 682B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ