fdf45ffe50f0750c3806eb5f5cda29b2_JaffaCakes118 | Triage

Sharing

General

Target

fdf45ffe50f0750c3806eb5f5cda29b2_JaffaCakes118
Size

97KB
MD5

fdf45ffe50f0750c3806eb5f5cda29b2
SHA1

451e71145c77cf270f5da8d811b587a47159ec3a
SHA256

b806e2371e9e6df0f51eb6cf5515c6d0a595ec454b7228eeebe12829cd5a5262
SHA512

e12f1a5f126b40dc02acd94876a5f4460fa51ac796421e88a08ed5de09a3b4359592ce22d1d578a42927af833398808a080d92f791b24c495e3241ff9c17e567
SSDEEP

384:HzSrZywyzeGkNGUJjBehvS1Wg9x+8TYdAt44f+dYXJjas+1qHXayNuE9IjJtS8:HLB4vv1Fz8O4lMhcCVukIjJtF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdf45ffe50f0750c3806eb5f5cda29b2_JaffaCakes118

Files

fdf45ffe50f0750c3806eb5f5cda29b2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

023ffe40c6f8302e3444f9047e2f27ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
GetComputerNameA
GetCurrentProcess
GetDateFormatA
GetFileAttributesA
GetFileSize
GetLocaleInfoA
GetProcAddress
GlobalAlloc
FormatMessageA
ReadFile
SetErrorMode
Sleep
VirtualAlloc
WaitForSingleObject
lstrlenA
FindClose
ExitProcess
EnterCriticalSection
CreateThread
CreateFileA
CreateEventA
LoadLibraryA
CloseHandle

advapi32

RegQueryValueExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyExA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey

user32

BeginPaint
CallWindowProcA
CharNextW
CheckDlgButton
CreatePopupMenu

Exports

Exports

SfcGetFiles

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ