b5180cd29811348183ef86fc448ead90_JaffaCakes118 | Triage

Sharing

General

Target

b5180cd29811348183ef86fc448ead90_JaffaCakes118
Size

73KB
MD5

b5180cd29811348183ef86fc448ead90
SHA1

446b74aa669e38ea1339d29078f6d9c2e504f9e2
SHA256

c922d64c2f1a729b47701df3f907eef1d79306a1314ef380163b9eaaecc5c711
SHA512

3e23f64a9002826a22a8c8c6ae583ee11d8c3c3c39b2eb48095e99fe2e003507196c95b82f7a92270bf611f4efcb396e74cd394a0eff3f45d58ad7d19fefc6f4
SSDEEP

1536:O796YwDZCB6eJxI25sgoxAKxZORLGbASLMBZp9xVdp:O56YwEUeJKav9+M/p9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5180cd29811348183ef86fc448ead90_JaffaCakes118

Files

b5180cd29811348183ef86fc448ead90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

74116e80415e61e2c11e3a8522412343

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
InterlockedExchange
InterlockedFlushSList
OpenSemaphoreA
CancelWaitableTimer
VirtualQuery
EnumSystemCodePagesW
GetVersionExW
WriteProfileStringA
LoadLibraryA
EnumSystemGeoID
CreateTapePartition
GetProcessPriorityBoost
GetProcAddress

user32

MessageBoxA
PostMessageW
CharUpperA
GetWindowContextHelpId
GetClipboardOwner
RegisterClipboardFormatA
RealGetWindowClassA
MessageBoxExA
BroadcastSystemMessageW
EnumDisplaySettingsExA
LookupIconIdFromDirectoryEx
GetWindowTextA
RemoveMenu

gdi32

AbortPath
InvertRgn
SetBkMode
BitBlt
CreatePalette
GetOutlineTextMetricsA
EndDoc

advapi32

AddAccessAllowedAce
LookupPrivilegeDisplayNameW
LogonUserExA
AreAnyAccessesGranted
NotifyBootConfigStatus
StartServiceCtrlDispatcherA

Exports

Exports

BCazdw
BEphm
BHfei
BIuf
BJnzk
BKsh
BLyo
BMn
BRlool
BTj

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE