Static task: static1
Behavioral task: behavioral1 - Sample: ba428da6a3425963e44b02c1b13fa882_JaffaCakes118.exe - Resource: win7-20240729-en
Behavioral task: behavioral2 - Sample: ba428da6a3425963e44b02c1b13fa882_JaffaCakes118.exe - Resource: win10v2004-20240802-en
General
Target: ba428da6a3425963e44b02c1b13fa882_JaffaCakes118
Size: 104KB
MD5: ba428da6a3425963e44b02c1b13fa882
SHA1: b2a3621b8a2ef0e129ab4032fe04a3fed7260737
SHA256: 033bc6cb0fea59814e608bfb68ec83c27e0c35d8210c030853bea42b53ec38bd
SHA512: 5c36698802044cee09799631b2f30473c6e3791d929c4084892a890e92e5a751291bb5a4e38f47b1a3520a39c1fa9f8a11123d5c7a5ed24a4ab1e39856e4ced4
SSDEEP: 3072:Pvo+MsElNEv4aaZKBWIUHTqAt8XDj89jZf:Pvokj9cIGqAt8Xcr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ba428da6a3425963e44b02c1b13fa882_JaffaCakes118
Files
ba428da6a3425963e44b02c1b13fa882_JaffaCakes118.exe windows:4 windows x86 arch:x86
03f1dd65201f0c19f18067dd140b7645
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetUserDefaultLCID
GetStartupInfoA
RtlUnwind
GetModuleFileNameA
LCMapStringA
FoldStringW
GetStringTypeA
ExitThread
ExitProcess
CreateThread
HeapCreate
GetStdHandle
GetOEMCP
msvcrt
_initterm
_wcsnicmp
asin
wcscspn
wcschr
??1type_info@@UAE@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
??2@YAPAXI@Z
msimg32
TransparentBlt
Sections
.text Size: 59KB - Virtual size: 59KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1024B - Virtual size: 696B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE