fea35f6f4ee944ae82f2dbfdab4604fa_JaffaCakes118 | Triage

Sharing

General

Target

fea35f6f4ee944ae82f2dbfdab4604fa_JaffaCakes118
Size

74KB
MD5

fea35f6f4ee944ae82f2dbfdab4604fa
SHA1

21e4aea2a625f6088621be11c44b22a947588cfc
SHA256

a856508a4ca17361e0b875fd11ff28be3c7630322da8677089bfc8614a30a49f
SHA512

1f3d105a2f742cd94fc799e182c6ec6d9bed0d45477972c6d08c336295cc83b0717b624b2896c154626b7e296798c72592bab748350263ee1773ac21056de308
SSDEEP

1536:SS9zkQpUbNaDomo3xwthUznolOcccJCL5Kz24gSQpt6hL5s:j9caDmwt+nrcccJCdK2mL5s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fea35f6f4ee944ae82f2dbfdab4604fa_JaffaCakes118

Files

fea35f6f4ee944ae82f2dbfdab4604fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8678b445ec8e2ab9f797320eabc86c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
InterlockedExchangeAdd
ExitProcess
GetProcAddress
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
GetStringTypeW

user32

RegisterClassExA
CreateWindowExA
DialogBoxParamA
GetMessageA
LoadCursorA
LoadIconA

shell32

SHChangeNotify

shlwapi

StrChrIA

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ