fd73f3f8e30c505587d64695a63dab4e_JaffaCakes118 | Triage

Sharing

General

Target

fd73f3f8e30c505587d64695a63dab4e_JaffaCakes118
Size

209KB
MD5

fd73f3f8e30c505587d64695a63dab4e
SHA1

7bcdade370e613aba1c932003f989d191f65d04a
SHA256

b018df0d0bee77ecb61b919b4c3d4509f38834c83ee019eb5032f2b08398f46e
SHA512

785ab609a4416ca4eaa386ccfd161561ecf8f1864a30130b6757f7560cf74708dc235019a434aabeaf33092bf977dbe1683acaab6f52c1c154e5dd0dfac8e5ed
SSDEEP

3072:wf1uE1rB5hoRWVuqQYabE0TMCI2QPnDw4GzvwDmfCkipFmL+BsIWmnqiSTNlSVyY:ww+lvAvoE5IZnE4cuJCGtnai2XwF7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd73f3f8e30c505587d64695a63dab4e_JaffaCakes118

Files

fd73f3f8e30c505587d64695a63dab4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8eb49b9e11b3928ae34744746cba12d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

CallWindowProcA
UnionRect
GetFocus
IntersectRect
GetParent
GetClientRect
RegisterClassExA
InvalidateRect
BeginPaint
PtInRect
IsChild
SetFocus
GetKeyState
RealGetWindowClassA
IsWindow
UnregisterClassA
EndPaint
CreateWindowExA

kernel32

ExitProcess
HeapAlloc
VirtualFree
CreateFiber
IsProcessorFeaturePresent
GetProcAddress
LoadLibraryA
GetLocaleInfoA
ResumeThread
HeapSize
TerminateProcess
HeapReAlloc
EnumResourceNamesA
RtlUnwind
UnhandledExceptionFilter
HeapDestroy
GetACP
GetSystemInfo
VirtualQuery
VirtualProtect
VirtualAlloc
SetThreadPriority
InterlockedCompareExchange
SetUnhandledExceptionFilter
GetCommandLineA
WriteFile

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ