bb2f0517c67149d55ae5a558380a754f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb2f0517c67149d55ae5a558380a754f_JaffaCakes118
Size

283KB
MD5

bb2f0517c67149d55ae5a558380a754f
SHA1

2a23f7d466bfae756a30047f720546755fe9ffe9
SHA256

356c3659d7dc54f0e5f0ca9a46ec5dc9c8d2429fdbf6ef11aee30a1e14113df2
SHA512

ac72df7f9da67ff0be84a920c87a84c91c8ffcbac1a0cbf1d3655889428d24027afd87ef9cea3b4fe95f64d9b8d8b4bc9a64cbc38afb22ef89fb4d3a7affe376
SSDEEP

3072:bGqEVK72yPnE+WhjvcCqVpKXEY+De/KwNSOz9P5O6Qs9qiVTiR2u4S80t6raGsdx:bYVS9nENK/P26e/hNxxcdimI08Qd/5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb2f0517c67149d55ae5a558380a754f_JaffaCakes118

Files

bb2f0517c67149d55ae5a558380a754f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8071a7396d926c2ba0389fcfb5cf735b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextA
EnumWindows
GetWindowThreadProcessId
wsprintfW
IsWindowVisible
wsprintfA

kernel32

FindFirstFileA
GetLastError
GetProcessHeap
GlobalFree
GlobalAddAtomW
LoadResource
CloseHandle
HeapAlloc
InterlockedExchange
EnumResourceTypesA
SizeofResource
EnumResourceLanguagesA
EnumResourceNamesA
GetCommandLineA
MultiByteToWideChar
FindFirstFileW
GetModuleHandleA
GetCurrentDirectoryA
LockResource
EnumResourceNamesA
RaiseException
SetLastError
LocalFree
GetCurrencyFormatA
FindNextFileW
GetProcAddress
HeapFree
FormatMessageA
LoadLibraryW
FindResourceExA
Sleep

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 153KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ