b1bfbb53b02aedb1b20eb45813bd3380_JaffaCakes118 | Triage

Sharing

General

Target

b1bfbb53b02aedb1b20eb45813bd3380_JaffaCakes118
Size

29KB
MD5

b1bfbb53b02aedb1b20eb45813bd3380
SHA1

b87668f13ab0d589d21426b106b7a032119569d4
SHA256

633baf1ab6c10df5f8b36ea8167f07598e04d3d845a77668f5d75bd6e76f7f48
SHA512

4f81752ce42829f7979bf8e1d8cb5206222f4ff0a51761bac2ef9edd45cb952eaf18b4a5f2125ae4ffd21889c143d9afb59cbc30cd687ef8034768dace89dfaa
SSDEEP

384:HPb8pBLK13uf2+ITQPFwTA6cyuiCpX5wZJP4Z1SEiGkqj9gJSdggGBCy4mb8x:HksZqwZJAZwEi2j+J8NZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1bfbb53b02aedb1b20eb45813bd3380_JaffaCakes118

Files

b1bfbb53b02aedb1b20eb45813bd3380_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d32273b3b4abb749840aa2956dcdf4c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
GetModuleFileNameA
SizeofResource
LockResource
LoadResource
FindResourceA
Sleep
GetTickCount
GetStartupInfoA

user32

MessageBoxA

msvcrt

_adjust_fdiv
memset
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
exit
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ