fe556e404cc52b4684c682a9f58518ac_JaffaCakes118 | Triage

Sharing

General

Target

fe556e404cc52b4684c682a9f58518ac_JaffaCakes118
Size

242KB
MD5

fe556e404cc52b4684c682a9f58518ac
SHA1

e8a99938fa9bb9b20a251ef02ac8c50b1430648b
SHA256

469602c40055c0f5ff9d9950e741399dee747076620cc90cba0f4204985767cd
SHA512

1149576238754490f78c5eeac7163c3e900a69e32bb15b034cd6bc1f5d51d9071a9741f81ad74ccd13e142fbdb7e129fde082648e5b5c4dc16a39a3f4aa5b3fa
SSDEEP

6144:a8nunPuGRppmMxomdvtf17FLYnzOy0FHChI74i:a8ipQM/dvtxOnCLChI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe556e404cc52b4684c682a9f58518ac_JaffaCakes118

Files

fe556e404cc52b4684c682a9f58518ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe6ca946a56d9b2435f62f4711314d08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByte
GetModuleFileNameA
FreeLibrary
GetSystemDefaultLCID
GetLogicalDrives
GetCommandLineA
TlsFree
GetSystemDefaultLangID
VirtualAlloc
GetModuleHandleW
lstrcmpA
GetCurrentProcess
lstrcatA
GetACP
GetDriveTypeW
GetCurrentThread
GetCurrentThreadId
GetCurrentProcessId
TlsGetValue
TlsAlloc
TlsSetValue

user32

GetForegroundWindow
RegisterClassA
CreateWindowExA
GetDC
GetWindowTextLengthA
GetClassLongA
GetFocus
UpdateWindow
ReleaseDC
GetWindow
GetWindowDC
IsWindowVisible
IsIconic
BeginPaint
GetWindowLongA
ShowWindow
GetSystemMetrics
GetActiveWindow
GetWindowTextA

gdi32

DeleteObject
GetObjectA
GetStockObject
SetTextColor
SelectObject
SetBkMode

clbcatq

SetSetupOpen
ComPlusMigrate
DowngradeAPL
SetSetupSave

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ