b13bdfbb190e6e46a8e5a00bb0e97bbb_JaffaCakes118 | Triage

Sharing

General

Target

b13bdfbb190e6e46a8e5a00bb0e97bbb_JaffaCakes118
Size

813KB
MD5

b13bdfbb190e6e46a8e5a00bb0e97bbb
SHA1

2c4b9e8f3009aa7039c60930202b10a61ac712c2
SHA256

fe5d141b148e6fdb67794c5371e65018122862eaeeb04e70854a3ed40406b5ef
SHA512

0a56cb28fd2d23e45bb4e9ade91aeba67ee52d644a4397f9c0036f8b387779a800716f49f7acd4ade8e71b4192b5d55430d8b6ca9564ed3fd3656be6a97e65ac
SSDEEP

12288:3SV8KxM3bueOdA4Oddpaqqe60kInUWhHAhTwdccsLwYJbl+he+BasmIpua77EBEX:3SjoaeOGp+e60dUWqhkdc1VYtHmSkM3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b13bdfbb190e6e46a8e5a00bb0e97bbb_JaffaCakes118

Files

b13bdfbb190e6e46a8e5a00bb0e97bbb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84b78c089f8bbf23d00461c7ddcd466e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetConsoleCP
LocalUnlock
IsBadReadPtr
HeapCreate
FindClose
CreateFileMappingA
FreeEnvironmentStringsA
GetModuleHandleA
LocalLock
GetStdHandle
GetLastError
CreateFileA
CloseHandle
CreateEventA
IsDebuggerPresent
LocalFree
GetACP
WaitForSingleObject
LoadLibraryExA

user32

GetIconInfo
IsWindow
SetFocus
ScrollWindow
DispatchMessageA
GetDlgItem
GetMessageA
EmptyClipboard
PostMessageA
EndMenu
GetDC
DefWindowProcA
CreateDialogParamA
DrawIconEx

msasn1

ASN1BEREncLength
ASN1BERDecCheck
ASN1BERDecBool
ASN1BEREncFlush
ASN1BERDecEoid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ