bbd3afa40906e02de49bdfa3507ae937_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbd3afa40906e02de49bdfa3507ae937_JaffaCakes118
Size

211KB
MD5

bbd3afa40906e02de49bdfa3507ae937
SHA1

8c8a296d50c7c61241266592adaa49f559701c1c
SHA256

1f9435ee4d080794ceaa4c52e887da77b393f4794812037751f7b47369b056ea
SHA512

6e97aba6aed0caf2dc14986ba964b54d30dd7e73ebb0344ac34dbfb2a8ef150771776d438a6c102a7dcad151a4665d3ea9427cbb883c304715bddda266dbaafc
SSDEEP

6144:GK3cZA2GXxLo9a/LtrroYRf4Kx1oESOcmf/sjW9w:Dz2GNoUdrLfnT3cuUjW9w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbd3afa40906e02de49bdfa3507ae937_JaffaCakes118

Files

bbd3afa40906e02de49bdfa3507ae937_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa66d33ec4dd5159652929cda5e7f067

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetDriveTypeA
GetModuleFileNameA
GetCurrentProcess
TlsSetValue
GetModuleHandleA
FreeLibrary
GetCommandLineA
GetLogicalDrives
VirtualAlloc
lstrcmpA
GetCurrentProcessId
IsValidCodePage
lstrcatA
Sleep
GetSystemDefaultLangID
GetCurrentThread
GetACP
GetCurrentThreadId
TlsAlloc
TlsFree

user32

GetSystemMetrics
ReleaseDC
GetWindow
OpenIcon
GetClassLongA
ShowWindow
BeginPaint
GetWindowLongA
GetFocus
IsWindowVisible
UpdateWindow
RegisterClassA
GetWindowDC
GetDC
GetWindowTextA
GetWindowTextLengthA
CreateWindowExA
GetActiveWindow
GetForegroundWindow

advapi32

RegQueryValueExA
IsTextUnicode
GetUserNameA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

version

VerLanguageNameA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ