4346dd4e7b401a3dabf7ed5e6d0faddc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4346dd4e7b401a3dabf7ed5e6d0faddc_JaffaCakes118
Size

767KB
MD5

4346dd4e7b401a3dabf7ed5e6d0faddc
SHA1

26292fc12f87ccfa7ba9b2d8cae4e477775db042
SHA256

a477647f755796f0f76f9e3343970b38cdf04cef6a79e5d2b0a7dface0a349ae
SHA512

c014cd0e3835dc0726ca359631812c2a68c822a0def88f8a11fff021aa2266c821e0508e0aa4966afe7e3749ed834563c45302f96aeff9cc0dd0e93d0f06d761
SSDEEP

12288:RUXIY44RZxhvcfpV6LzkhQC64CY6bIhRcu9MPmczbdPi0dLD8Hx4FV:RU4YPhUpqzkhCY+29Mr7df8HOT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4346dd4e7b401a3dabf7ed5e6d0faddc_JaffaCakes118

Files

4346dd4e7b401a3dabf7ed5e6d0faddc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31f114f37f1b00ccb1ad18ce7c3d78a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventW
CreatePipe
CreateFileA
RemoveDirectoryW
RemoveDirectoryW
GetVersion
VirtualProtectEx
SetLastError
GetStdHandle
DeleteFileA
SetLastError
GetCommandLineW
ReleaseMutex
LoadLibraryA
GetFileSize
lstrlenA
CreateMutexA
ReleaseSemaphore
HeapDestroy
Sleep
HeapSize
GetStartupInfoA
CreateFileMappingW
WriteConsoleW
CreateDirectoryW

user32

GetSysColor
IsZoomed
FindWindowA
MessageBoxA
DrawTextW
DestroyMenu
DestroyMenu
CreateIcon
IsWindow
GetClassInfoA
DispatchMessageA
PeekMessageA
GetWindowLongA

feclient

FeClientInitialize
FeClientInitialize
FeClientInitialize
FeClientInitialize

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE