bac43c8f6c7b1472cb6abadd65cc690d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bac43c8f6c7b1472cb6abadd65cc690d_JaffaCakes118
Size

12KB
MD5

bac43c8f6c7b1472cb6abadd65cc690d
SHA1

7f79f74327e73448121dbed663ed54ebcf79a931
SHA256

13be3510556a73bd8a1ddbddacdb3ec5b72f775feb49739f239a72db2af0f920
SHA512

3818745cb2e79e603a1f97e822e0515232b6471a0463c976be7ba62f5de6a9fefe48636aed7e771b30728081fc0feb2923b1918dccd50546dfd20d302a53552d
SSDEEP

192:6Vr60GgN4of6ya+Ljz2qMlMNeTL3TNeT4+vD:2rv446GLn2vMNeLNek+vD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bac43c8f6c7b1472cb6abadd65cc690d_JaffaCakes118

Files

bac43c8f6c7b1472cb6abadd65cc690d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dac4bf2eff79497aa101736c505cb70f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
FindClose
GetDiskFreeSpaceA
TlsGetValue
SetEvent
SearchPathA
GetTickCount
FindResourceExA
CreateThread
Sleep
VirtualProtect
CloseHandle
GetCalendarInfoA
GetModuleHandleA
ReleaseMutex
FindVolumeClose
ExitProcess
DeleteCriticalSection
lstrlenA
GetLastError

user32

EnableWindow
GetMessageA
CopyImage
DispatchMessageA
DragDetect
GetUpdateRect
GetScrollBarInfo
CreateMenu
CreateWindowExA
EndDialog
CloseWindow
DialogBoxParamA
IsIconic
GetKeyState

msdmo

DMOGetName
DMOEnum
DMOUnregister
DMOGetTypes
DMORegister

advapi32

RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE