fe0e03aaba47974921386884cb9798e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe0e03aaba47974921386884cb9798e3_JaffaCakes118
Size

157KB
MD5

fe0e03aaba47974921386884cb9798e3
SHA1

e2eee3110395109428ac1fc690de4384b05a0117
SHA256

56ae1e33ccbb33bac51fc25bf8db369380179ea1c05eab989d94a6ad0cea3d77
SHA512

c5d2b3aa951615c47279dc4458288be53cef6a4c3a66dfb108fdd9ce21ea5d81003b535a7b7b557fc01694e666dfc066340a837092bcd780ddcef64138bb1499
SSDEEP

3072:ID2YfwHS9afQXfpU523++Xrby1CktubTTPJPnWHkzUCemskECp6re:BHZfMfS523+pY+4TTP9WHkzUCXsOp6r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe0e03aaba47974921386884cb9798e3_JaffaCakes118

Files

fe0e03aaba47974921386884cb9798e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

395043b57d6a916d109bdfc538d55307

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FreeLibrary
LocalFileTimeToFileTime
GetNextVDMCommand
SystemTimeToFileTime
FindFirstFileW
SetThreadPriority
FindResourceW
CompareStringA
FileTimeToSystemTime
FindNextFileW
EnumResourceNamesW
GetShortPathNameW
SetEnvironmentVariableW
SetCurrentDirectoryW
GetLocalTime
SetErrorMode
RegisterWaitForSingleObject
GetStringTypeW
FindClose
LoadResource
FileTimeToLocalFileTime
SearchPathW

user32

ValidateRgn
ValidateRect
ReleaseCapture
ExcludeUpdateRgn
RealGetWindowClassA
SetCapture
InvalidateRgn
GetCapture
GetUpdateRgn

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ