bd477e6ebc9887857dba1658412a1396_JaffaCakes118 | Triage

Sharing

General

Target

bd477e6ebc9887857dba1658412a1396_JaffaCakes118
Size

131KB
MD5

bd477e6ebc9887857dba1658412a1396
SHA1

a1e52b8a215daff3d056fb2c5ec60dc2f5bc0330
SHA256

83afc4ab9fb3dcd6df42739d76f5419283fe04e33b7568988169657beb4fc92d
SHA512

f2922f095b9fb9eb08fa71e3b55158def8f63b01bbd6479abc22905346d8fc4bcaa156f8e6d5ee692c716665ddb30b7baad0bbb81b39693dbceede84212bed10
SSDEEP

3072:aKxz8Gp0SlRI3B8rlD5XXAY0u8iOp4x3ft:fN0SlRuB8XXAeOpYF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd477e6ebc9887857dba1658412a1396_JaffaCakes118

Files

bd477e6ebc9887857dba1658412a1396_JaffaCakes118
.exe windows:4 windows x86 arch:x86

53d1c40de40813ffc90e341a01dd813b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FindResourceA
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetTickCount
IsDebuggerPresent
LoadLibraryA
VirtualAlloc
VirtualFree

user32

CharNextA
ClientToScreen
CreatePopupMenu
DefWindowProcA
GetForegroundWindow
GetSystemMetrics
SetTimer
ShowWindow

gdi32

CreateBitmap
CreateDIBSection
CreateRectRgn
GetPixel
SetBrushOrgEx
SetMapMode
SetWindowExtEx

shell32

DragAcceptFiles
DragQueryPoint
ExtractIconW
FindExecutableW
SHAddToRecentDocs
SHGetFolderLocation
SHGetFolderPathA
SHGetPathFromIDListW
SHGetSpecialFolderPathA
ShellExecuteA
ShellExecuteExW
Shell_NotifyIconA

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ