fba9a2cc10862e1c11054af84427f403_JaffaCakes118 | Triage

Sharing

General

Target

fba9a2cc10862e1c11054af84427f403_JaffaCakes118
Size

174KB
MD5

fba9a2cc10862e1c11054af84427f403
SHA1

44ec7c5ae23ee951227317405ee56fc9318d29bb
SHA256

b959a44137466a19ed109945596d9becc38d2925fb63b4305c9d6b432d1903d8
SHA512

cf2cd3a9195986a231f228ebadeea5ddb6d08d7ffd0c24034e5d3944294b4ef9db0dc5841450dcd34216e201a13ba57753c3753dab8876e121d4c4470e881c26
SSDEEP

3072:1OuRxqAK87oRXr7qk5M29raOXCA/XtoG3o0nW/t0GGV2II/T:1XqAX7eXr7q2FaOXCaXaB1/82

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fba9a2cc10862e1c11054af84427f403_JaffaCakes118

Files

fba9a2cc10862e1c11054af84427f403_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f725aa15dcb4fc11a6564d7f7811ea96

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
SetHandleCount
FreeEnvironmentStringsA
SetFilePointer
SetLastError
GetAtomNameW
WideCharToMultiByte
IsBadWritePtr
TlsFree
GetEnvironmentStringsW
GetEnvironmentStrings
UnhandledExceptionFilter
GetEnvironmentVariableA
GetStartupInfoA
HeapCreate
IsBadCodePtr
EnumResourceNamesA
SetUnhandledExceptionFilter
VirtualAlloc
GetModuleFileNameA
GetCPInfo
HeapReAlloc
GetFileType
TlsGetValue
IsBadStringPtrW
GetStdHandle
FreeEnvironmentStringsW
HeapDestroy
FatalAppExitA
VirtualFree
GetCurrentThread
IsBadReadPtr
WriteFile
TlsSetValue

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

shell32

SHGetSpecialFolderPathA

rpcrt4

NdrConformantArrayFree
UuidCreate

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ