fa11b6d72b72ab2a05c1b9b027e9f234_JaffaCakes118 | Triage

Sharing

General

Target

fa11b6d72b72ab2a05c1b9b027e9f234_JaffaCakes118
Size

129KB
MD5

fa11b6d72b72ab2a05c1b9b027e9f234
SHA1

886173498525fea25b13152ef79bab39e1d59f3f
SHA256

984bb54afc593cf6c1a314c06b93509b5582fa7ff966fe6546744f50d781d516
SHA512

74dd1c9d2004e1029596c4b07f474a341876d7d353509a828b4eb0a78851cc54f5d9ac2fd08a021e51f279d7fd7855181b97fe46347bd8f8469b01b7ec240cde
SSDEEP

3072:O7ykM1WmAOk71mKFp4WlT07tYv1U+xZb:KIk71mkh5Bb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa11b6d72b72ab2a05c1b9b027e9f234_JaffaCakes118

Files

fa11b6d72b72ab2a05c1b9b027e9f234_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e17f03af26392b75a8408450f2ca7195

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtectEx
GetStartupInfoA
GetProcessHeap
GetFileAttributesA
SetEvent
CreateHardLinkW
GlobalFree
CreateMutexA
HeapSize
SetLastError
lstrlenA
DeleteFileW
GetLocalTime
GetTickCount
CreateSemaphoreA
CloseHandle
Sleep
WriteConsoleA
SetLastError
LoadLibraryA
CreateDirectoryW

cryptui

DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer

vdmdbg

VDMGetContext
VDMDetectWOW
VDMBreakThread
VDMGetPointer

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE