Static task
static1
Behavioral task
behavioral1
Sample: fb7ef3489999a8c0dbbf3ab3d1a52e9f_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: fb7ef3489999a8c0dbbf3ab3d1a52e9f_JaffaCakes118
Size: 192KB
MD5: fb7ef3489999a8c0dbbf3ab3d1a52e9f
SHA1: c693364964d2eb6089adbf4fea6633759a2f159e
SHA256: b29badfe1d05f069c0f6e0e63771a11c9e65e18241186d952b9ee1b86dc22a9c
SHA512: 3aea7c967a3218f3ca1222ab06faa2e0f0b8e1dc463dc4c03d75115025c0cd09ff357ec59737b961cee954ed37edc04af317010002c66e64d4f32d93c73c06a1
SSDEEP: 3072:7ZcAnmLBUnEj04GIYOvqdjqyd8KfG4Sd47pXQiBuAPPOQFJsfoCPB:7ZamnEjJGIbCdfbeopXQiBfPLFyoCPB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fb7ef3489999a8c0dbbf3ab3d1a52e9f_JaffaCakes118
Files
fb7ef3489999a8c0dbbf3ab3d1a52e9f_JaffaCakes118.exe windows:4 windows x86 arch:x86
92632422868881fba019d6ece0516cf4
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
OleTranslateAccelerator
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
wininet
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle
kernel32
SetFirmwareEnvironmentVariableA
InitializeCriticalSection
GetLastError
GetProcAddress
LocalAlloc
DeleteCriticalSection
LCMapStringW
LocalFree
EnumResourceTypesA
LCMapStringA
LoadLibraryA
SetStdHandle
GetModuleHandleA
GetShortPathNameA
EnterCriticalSection
GetSystemInfo
LeaveCriticalSection
GetStringTypeA
winmm
timeGetTime
timeSetEvent
gdiplus
GdipCloneImage
Sections
.text Size: 118KB - Virtual size: 117KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ