bbc967fa565ab60eda68bd02d8469f90_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbc967fa565ab60eda68bd02d8469f90_JaffaCakes118
Size

19KB
MD5

bbc967fa565ab60eda68bd02d8469f90
SHA1

a9696e7acc8dad962ad04e64da66189056c0329f
SHA256

25d464e2fc722eac8e17a2583027122f680ed4ca847eb1f4cf04a19e4cf46c66
SHA512

dd27cfa53b2c30888cd98fc5e7221e2d0ec2a4f46e87933dec17dd040e9fd156ed2e6c817224f5de0d6ef3da6482c9a5ec70ebeb97094c8f25bbbdff8646fbf9
SSDEEP

384:0WhsrV2nITHosz8EETKXsoxtYd6XowbcjOTpn:0eE8ELVxqE7p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbc967fa565ab60eda68bd02d8469f90_JaffaCakes118

Files

bbc967fa565ab60eda68bd02d8469f90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0fb14931d49bda38d79f228f167423d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
ExitProcess
GetStdHandle
EnumDateFormatsA
CreateMailslotA
GlobalFlags
GetUserDefaultLangID
CloseHandle
EnterCriticalSection
LocalHandle
VirtualAlloc
GlobalFree
GlobalLock
GetOEMCP
GetProfileIntA
CreateJobSet
GetModuleHandleA
GetTapeStatus
FindAtomA
GetVolumePathNameA
GetProfileStringA

user32

RegisterClassA
GetDC
BeginPaint
GetClassInfoExA
GetWindow
GetActiveWindow
ValidateRect
GetForegroundWindow
GetWindowTextLengthA
GetWindowTextA
GetParent
DrawEdge
EndPaint
GetFocus
CloseWindow
ReleaseDC
ShowWindow
IsIconic
GetClassNameA

gdi32

CreateDIBitmap
CreateDCA
GetColorSpace
GetCharWidthA
ExtCreatePen

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ