fde193f78efc8ebc4a18dacf06449904_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fde193f78efc8ebc4a18dacf06449904_JaffaCakes118
Size

75KB
MD5

fde193f78efc8ebc4a18dacf06449904
SHA1

bf988e7fd65df027a17d4c84751dbca5d76e76ea
SHA256

2d84bc327de0160304b4bc4a0ecff5a0c0d7a717d81dba1deaf087d3201d9e83
SHA512

56bf6bae99fed0a099bd4e7cc677a0976b9815d4400b2108661dd74153e1d240a6e9e2d16bd700e820003b56011ccb0831a6a99b759203962d727a896bd2f9fb
SSDEEP

768:M55QkD5dSsxusWg1ooYLNIaB4qc0oSi+QmFGU34bgrOfUM32kwcZeJnCJFrb363Z:gX5dSKWg1De+Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fde193f78efc8ebc4a18dacf06449904_JaffaCakes118

Files

fde193f78efc8ebc4a18dacf06449904_JaffaCakes118
.exe windows:4 windows x86 arch:x86

951eb98dd1094e58f3992aa49204d3c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
AllocateAndInitializeSid
FreeSid
CheckTokenMembership
RegCloseKey

user32

GetDesktopWindow
wsprintfA
GetWindowRect

ole32

StringFromGUID2
CoCreateGuid

oleaut32

SysAllocStringLen

ws2_32

WSAStartup
WSCUnInstallNameSpace
WSAGetLastError
WSCInstallNameSpace

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
lstrcpyA
DeleteFileA
GetTempPathA
CloseHandle
GetVersionExA
GetModuleFileNameA
LockResource
GetTempFileNameA
GetSystemDefaultLangID
ExitProcess
FindResourceA
lstrlenA
lstrcpynA
LoadResource
ExpandEnvironmentStringsA
WriteFile
WideCharToMultiByte
Sleep
SizeofResource
CreateFileW
lstrcatA
MultiByteToWideChar
VerLanguageNameA
RtlUnwind

shell32

SHFileOperationA
ShellExecuteExA

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ