b2c06bf1cddd2961e19adbc8022cf435_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b2c06bf1cddd2961e19adbc8022cf435_JaffaCakes118
Size

590KB
MD5

b2c06bf1cddd2961e19adbc8022cf435
SHA1

ecde8b98dec05aef2578e7c55f6ba31c67704e73
SHA256

caaffdf192db56d71dac24b6fa07ce1ea07e5c6f28392b538abd676432f6ef4e
SHA512

3c983b4062f895aa0b248117ebb8249213fa3d2361b8aa50e5f5dc39595a2451fdd0a1f8180cbe3b08f9005e813af9e493298de6d9d2f20c7846030bb6282067
SSDEEP

12288:uJGbFeB+Jql8+jG6HZLlPqJY8vXkfigQnShaYfgnzTt1ELia84:uJ4FeBbl1tZPmz0fFHfgnzTcia84

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2c06bf1cddd2961e19adbc8022cf435_JaffaCakes118

Files

b2c06bf1cddd2961e19adbc8022cf435_JaffaCakes118
.exe windows:1 windows x86 arch:x86

883533810b3f00a4216bf84ed9b17317

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
FindResourceA
FreeResource
GetDiskFreeSpaceA
GetExitCodeProcess
GetLastError
GetModuleHandleA
GetProcessHeap
GetTempPathA
HeapAlloc
HeapFree
LoadResource
LockResource
SizeofResource
WaitForSingleObject
WriteFile
lstrcatA
lstrcpyA
lstrlenA

comctl32

InitCommonControls
ord350

gdi32

DeleteObject

user32

DialogBoxParamA
EndDialog
GetWindowLongA
IsCharAlphaA
LoadImageA
MessageBoxA
SendDlgItemMessageA
SetWindowLongA

Exports

Exports

start

Sections

.text
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 568KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ