fe325bdf1d13ab91b307c6c77e9a8f5d_JaffaCakes118 | Triage

Sharing

General

Target

fe325bdf1d13ab91b307c6c77e9a8f5d_JaffaCakes118
Size

164KB
MD5

fe325bdf1d13ab91b307c6c77e9a8f5d
SHA1

35461dee62ac27823f4e5a16d4f9ddaea7fd4f1d
SHA256

d7c1094ec76efcfc64458d50bbafa066414684c144afbaf15c755375abbb46bf
SHA512

1d81c8a89e91355125bc21c273fc43bb56f15a09e14cf62686864ee5c1928ce7ba016a29ed19013a9bcd2ffd41ad14084d914b6bb1514cb7127086da559d2af1
SSDEEP

3072:Om7WiBfRXptiSo/dMLjm5UstDczLMD7nbWfJJg95aiMa:Om7xBZZ0S2dMLi5UstczLc7n6o9Qz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe325bdf1d13ab91b307c6c77e9a8f5d_JaffaCakes118

Files

fe325bdf1d13ab91b307c6c77e9a8f5d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93b0f64fffbcd09ffbda394d94205b3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA

msimg32

AlphaBlend
TransparentBlt

kernel32

CreateFileW
GetThreadIOPendingFlag
GetLastError
InterlockedIncrement
WriteFile
SetEndOfFile
IsBadReadPtr
WideCharToMultiByte
TransmitCommChar
FreeLibrary
InterlockedDecrement
GetProcAddress
EnumResourceNamesW
LoadLibraryA
FlushFileBuffers
CloseHandle
GetModuleFileNameA
LoadLibraryW
ExitProcess
MultiByteToWideChar
SetStdHandle
CreateMutexA
GetTempPathW
CompareStringW
CompareStringA
SetEnvironmentVariableA

user32

CharUpperA
wsprintfW
wsprintfA
MessageBoxA
GetKeyState
CharNextA
GetTopWindow
CharLowerA

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ