Static task
static1
Behavioral task
behavioral1
Sample
ba09f49889dc80f470ff414979d232ee_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
ba09f49889dc80f470ff414979d232ee_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
ba09f49889dc80f470ff414979d232ee_JaffaCakes118
Size
43KB
MD5
ba09f49889dc80f470ff414979d232ee
SHA1
4c449cd713114db53d064cb0daff7b2c3f07d973
SHA256
054ff23a7ac9bf830ad87786536e390aef075ba5814b757dfd18d601367415cd
SHA512
0e6c8ba2659d99b9a30c1e63bccf21e4b5daebaa62a1b13638c6f4e1e2f55f67239103f0d92a27e88ceb61246081944d877a5f8adce7197b9f208d93325d8375
SSDEEP
768:uOOJFkHbv5crAms9c/pJ52KlPMeLSlP16OlTdMs4YYOjWV6YpHIDztwgXe:uOOTkHbvaMms9WHJLSlPrTas4dZHM
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource ba09f49889dc80f470ff414979d232ee_JaffaCakes118
Files
ba09f49889dc80f470ff414979d232ee_JaffaCakes118.exe windows:5 windows x86 arch:x86
720faaf0ff9dc10f6debbe1959d51a54
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetLastError
SetEndOfFile
CreateProcessW
CreateFileMappingW
CloseHandle
MultiByteToWideChar
lstrcmpiA
CreateEventW
ExpandEnvironmentStringsW
lstrlenA
GetTempPathW
GetDriveTypeW
HeapFree
HeapAlloc
ReleaseMutex
SetEvent
lstrcatW
FindClose
DisconnectNamedPipe
GetModuleHandleA
GetUserDefaultUILanguage
GetCurrentThread
WriteFile
GetModuleFileNameA
FlushFileBuffers
CreateMutexW
GlobalLock
MoveFileExW
OpenProcess
FindFirstFileW
lstrcpynW
user32
OpenDesktopA
GetKeyState
GetDlgItemTextW
GetDlgItem
LoadCursorW
Sections
.vcjgl Size: 35KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rqn Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.fubct Size: 4KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ