fded4ffffd4e370e233d987a98a7ae68_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fded4ffffd4e370e233d987a98a7ae68_JaffaCakes118
Size

17KB
MD5

fded4ffffd4e370e233d987a98a7ae68
SHA1

b093d467674c86f838aec050a138e88ff163c9c2
SHA256

66d61a1386b46fae7096b38d2f478b5a91224d0eb54998162296bc1e464a8321
SHA512

a02ebc34bf7c34a168aa2d4fcbb9d6e65db434e26abd64da8adf7a20129ae2480cf82ae9439370094d0416ff8b537694fad6b42eda05e20d7f4fc50ff4477e5e
SSDEEP

384:HWPCXAIfw8la462UXd9vu0MhSFKxQGGZfWwY:HWP1Ifw8lgtJbF2Q5db

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fded4ffffd4e370e233d987a98a7ae68_JaffaCakes118

Files

fded4ffffd4e370e233d987a98a7ae68_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7834d3d067143f6b2f068f7e2e4331a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GlobalFree
GetThreadLocale
lstrcpynA
GlobalUnlock
GlobalAlloc
GetModuleHandleA
GetFileSizeEx
GlobalLock

tapi32

lineSetCallData

user32

CallNextHookEx
GetMenuState
GetMenuCheckMarkDimensions
GetInternalWindowPos
GetWindow

Exports

Exports

Hhvbxiu
InitWjmrcyqbtu

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ