bbcb1329e066067d9fd6b8a235ef287b_JaffaCakes118 | Triage

Sharing

General

Target

bbcb1329e066067d9fd6b8a235ef287b_JaffaCakes118
Size

200KB
MD5

bbcb1329e066067d9fd6b8a235ef287b
SHA1

1d053ecd8287a630b1840d445031e1b63588c0fb
SHA256

6b4119fd3a85d861c73218074857a741b2be53e56013bf00617df7cb8ea58902
SHA512

b2fe3618305bf9196c1efb167487e15003da02b4d6decbab462ec741e95d61d46d8b59cd33a44364e6ecb8578398b2f22d5dbf928afca3082a8387b350ef855a
SSDEEP

3072:Gr3rEG/3LTMj61/bZhP83UI6YFoLHVvWSn5eh/OkED:Gr3YcnMjIZP/L1vWEG/On

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbcb1329e066067d9fd6b8a235ef287b_JaffaCakes118

Files

bbcb1329e066067d9fd6b8a235ef287b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15df3baf9b3e36f4e0e09eb85e02cb91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
GetSystemMetrics
GetDC
CharNextA

kernel32

VirtualAlloc
GetModuleHandleA
GetDriveTypeA
CopyFileA
GetWindowsDirectoryA
LoadLibraryW
SetCurrentDirectoryA
GetUserDefaultLangID
RemoveDirectoryA
GlobalFindAtomW
lstrcmpA
lstrlenW
GetACP
QueryPerformanceCounter
GetCurrentProcess
GetCurrentThread
GetStartupInfoA
GetVersion
DeleteFileA
GetCurrentThreadId
MulDiv
GetTickCount
GetConsoleOutputCP
GetCurrentProcessId
DeleteFileW
IsDebuggerPresent
GetOEMCP
Sleep
GetModuleHandleW
lstrlenA
GetThreadLocale
GetLastError
GetCommandLineW
lstrcmpiW
GetCommandLineA
SetLastError
GlobalFindAtomA
lstrcmpiA
GetProcessHeap

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ