fff2233c4e1a94cbfbb295f4810819bc_JaffaCakes118 | Triage

Sharing

General

Target

fff2233c4e1a94cbfbb295f4810819bc_JaffaCakes118
Size

166KB
MD5

fff2233c4e1a94cbfbb295f4810819bc
SHA1

8e8a9ea686134d80adcfd6e71795bea7223b98c4
SHA256

a953876f5c347a19b6ea2da97e8bae4758b4c0bef599702e39f6d428d62c85bb
SHA512

fed5e9409d4831b36d5447b60c2a5681c49af7ddd4081cf355fdd1278c45559727ff03ce819f2a209f0288a64f378278ba3acf9b5a4d74974b3881595c9027c5
SSDEEP

3072:fhed+4F7Hu5GODNLX96TXNjsjL/WPN8swnQ8oJrGl2jfUTX+qwb+H1RAYvJTex:fhU+4FyHyjeWPN83nQP/jfUTXb1B6x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fff2233c4e1a94cbfbb295f4810819bc_JaffaCakes118

Files

fff2233c4e1a94cbfbb295f4810819bc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a201d4252b8800b850cb26ade82b18e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcatW
SetUnhandledExceptionFilter
GetModuleHandleA
GetCurrentProcess
TerminateProcess
SetEvent
GetProcAddress
UnhandledExceptionFilter
RtlUnwind
IsDebuggerPresent

user32

GetCaretPos
GetCaretBlinkTime

Sections

8
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

O
Size: 2KB - Virtual size: 975B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8
Size: 2KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RSRC
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

8
Size: 2KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

rAF
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_MEM_READ

KvB
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_MEM_READ