bbd613fb57e2aa1c3ab76e1cb86a9bae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbd613fb57e2aa1c3ab76e1cb86a9bae_JaffaCakes118
Size

312KB
MD5

bbd613fb57e2aa1c3ab76e1cb86a9bae
SHA1

6c8c926977d72e1d69fb1fc637ea7e03090fa9f0
SHA256

2bf4844bdfa8d7686f0ca3e049fe4eda9332c6509fcc6f765cc5ad5d08cffa23
SHA512

c47f400f05590e8c80d08e6a93e7cf3408c3e02f67b25b48a2819a75c4a43bb5276dd9a576a86b18c651bb6d6d10d690a283413c4d5a04c8908d13ad78508255
SSDEEP

6144:CxhEVFmqqsAxUK45IjPHimC/zN0efxA0878PwW+:CwvmqVAIaimC/GGxDC8IV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbd613fb57e2aa1c3ab76e1cb86a9bae_JaffaCakes118

Files

bbd613fb57e2aa1c3ab76e1cb86a9bae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4dabbdee115d309958b8042318ec49e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetPriorityClass
GlobalFindAtomA
TlsGetValue
GetModuleHandleA
CreatePipe
CompareStringA
GetThreadLocale
ReleaseMutex
SetEvent
CreateThread
VirtualAlloc
CreateMutexA
TlsFree
IsDBCSLeadByte
GetUserDefaultLangID
GetVolumeInformationA
GetExitCodeThread
GetProcessHeap
GetStdHandle
GetConsoleCP

user32

ReleaseDC
GetWindowTextLengthA
ValidateRect
CloseWindow
IsIconic
GetWindow
GetDC
RegisterClassA
InvalidateRect
GetClassInfoExA
IsWindowVisible
GetForegroundWindow
GetWindowTextA
GetSystemMetrics
GetActiveWindow
ReleaseDC
GetFocus
ShowWindow
GetClassNameA

shell32

SHGetFolderPathA
SHBrowseForFolderA
SHCreateShellItem
SHGetFileInfoA
SHChangeNotify

userenv

LoadUserProfileA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ