bb0337ac3a761868a1bbbcfd96d2e307_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb0337ac3a761868a1bbbcfd96d2e307_JaffaCakes118
Size

19KB
MD5

bb0337ac3a761868a1bbbcfd96d2e307
SHA1

130b8f8b2179e765dbea6aa86ffa987a9447000b
SHA256

ecadd8d0a9495cdf957c9bd480bd22740682633fffc60fef4344f6ad947e62f9
SHA512

8822fa25132363c6a9af31c7f20a8d323bc043002f5c718f969db3abd8bf83d12c784f12300ffe5d48363471b25e1e4500d45cf019ef9602e244e531cae1dbd3
SSDEEP

384:osjXSVMn1PgfpAqy/+h3WuNVtA15UbzgQn6IPp1CqB3cKJjyYk4DZJ4PauEKOf:5j1PgfpnG+h3WuNVA5Ub0RI3Cqlcwjys

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb0337ac3a761868a1bbbcfd96d2e307_JaffaCakes118

Files

bb0337ac3a761868a1bbbcfd96d2e307_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a51e7bc520600cde8b2af52b05ed727

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNativeSystemInfo
_lread
ReadFileScatter
GetPrivateProfileIntA
GenerateConsoleCtrlEvent
lstrlen
ReplaceFileW
SetCurrentDirectoryA
lstrcmp
UTUnRegister
NlsConvertIntegerToString
GetQueuedCompletionStatus

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE