fdd0816a8f5e62f0aecbe59c1e95b5c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fdd0816a8f5e62f0aecbe59c1e95b5c2_JaffaCakes118
Size

108KB
MD5

fdd0816a8f5e62f0aecbe59c1e95b5c2
SHA1

8d06b4df2643f9b114bd67e44cbd6a7a70128be6
SHA256

c745a512278564c4b13e3dc4a30f5ef5563c63ee73ae378c153153d9b9d389c4
SHA512

415c4beeba6f0989a60e232229a5e04654114fff9e216adfeabf907263f19412b14c5a7a7d4bbcf6d5da3ff808011014da99bddc5b3c19ca19a1ff39fe42b093
SSDEEP

1536:BRsGMUvnnXG1UoJEZswRmslPNJOaya5BH/NURDoq4OZZZLlCIiba:WWnXKJecslVJOadHaRD68wb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdd0816a8f5e62f0aecbe59c1e95b5c2_JaffaCakes118

Files

fdd0816a8f5e62f0aecbe59c1e95b5c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec75a0eaf2ee7d1a385bf1a23b7b9965

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFileMappingA
CreateThread
FindAtomA
ReadFile
DeleteFileA
FindFirstFileA
GetCPInfo
SetLastError
WriteFile
GetFileSize
GlobalFree
DeleteFileW
GetCommandLineA
GetFileTime
Sleep
OpenFile
DeleteAtom
CreateProcessA
GetConsoleMode
GetStdHandle
GetComputerNameA
GetLastError
ExitThread
ReadConsoleA

user32

IsWindow
InsertMenuA
EndDialog
CopyIcon
DrawIcon
DrawIconEx

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 835B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ