bd85ffcf4eb03e3e774f53b3b46da3d4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd85ffcf4eb03e3e774f53b3b46da3d4_JaffaCakes118
Size

178KB
MD5

bd85ffcf4eb03e3e774f53b3b46da3d4
SHA1

79dee7d055b45cea913dff802736a1ff58435da1
SHA256

6c38474f62242e4e9ab57edbcb445c879ecd3fbe951dd0e4811e62b24e470a1a
SHA512

90647f477af7a2987a18cb2f9d7540ed1d32a6c97fbed15579a82c0f7fec1b5c0c4b78f69f741e7ab3c2724dd912014755be3d1eabe2d8e66e79352ef66e5c84
SSDEEP

3072:F4BmmyFbbwBixNsJu3wAeq8bSM2Q+ZpOlpkAZd0KkZm8KbUrPejCmM7:Fgy9nsJu3wA18eTZpO3Rkh5zejm7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd85ffcf4eb03e3e774f53b3b46da3d4_JaffaCakes118

Files

bd85ffcf4eb03e3e774f53b3b46da3d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ece478b55631106bd6530ed530fcf282

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrComplexArrayFree
UuidCreate

shell32

ShellExecuteA
SHFileOperationA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetFileInfoA
SHGetPathFromIDListA

kernel32

FlushInstructionCache
FindFirstFileA
ReadFile
FindClose
DeleteFileA
FreeLibrary
LoadLibraryExA
SetFilePointer
GlobalAlloc
MulDiv
MultiByteToWideChar
GetWindowsDirectoryA
EnumResourceNamesW
GetProcAddress
GetExitCodeProcess
GetPrivateProfileStringA
SetupComm
FindNextFileA
WriteFile
WaitForSingleObject
GetModuleHandleA
WritePrivateProfileStringA
GlobalFree

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ