bbfde5ed99694f51aa24ae5ac9b69fba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbfde5ed99694f51aa24ae5ac9b69fba_JaffaCakes118
Size

313KB
MD5

bbfde5ed99694f51aa24ae5ac9b69fba
SHA1

d89d47e2e27b21ff1f187fbb9ebb5244f333e84f
SHA256

788c4db2b38abd1a1663cf707a9b6ba10f2603cca9f23991efd42bac4a63c769
SHA512

fadd01ba47056b3f90e06d742eed2699a5f37aa18c023d062e00723fd7f9f9d4d16bf3d96477bdb6a09eb4873d886b84a56a9f54e26fe05bacc408b19989cadb
SSDEEP

6144:6PH/wwALEUzYa1Qvq9bQDbafszUuXjncFTB91arSFGciNoixv4UOEs:6P/wP44KyxQbaUzUuXUfgrpciNoixv4H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbfde5ed99694f51aa24ae5ac9b69fba_JaffaCakes118

Files

bbfde5ed99694f51aa24ae5ac9b69fba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0629b76a484017549dbef12080d444a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
GlobalLock
GetProcessHeap
CreateHardLinkA
VirtualAlloc
GlobalCompact
ClearCommBreak
FindAtomA
LoadLibraryExA
EnterCriticalSection
RaiseException
GlobalFlags
GlobalFree
GetProfileStringA
GetCommState
WriteProcessMemory
CloseHandle
GetTapeStatus
GetOEMCP
GetStdHandle
DeleteAtom

user32

GetClassInfoExA
ShowWindow
IsIconic
GetParent
GetWindowTextLengthA
BeginPaint
ReleaseDC
CloseWindow
GetFocus
GetActiveWindow
RegisterClassA
GetWindow
GetDC
GetForegroundWindow
DrawEdge
GetWindowTextA
EndPaint
ValidateRect
GetClassNameA

wsock32

WSAAsyncSelect
WSACleanup
WSAStartup
WSAGetLastError
WSAIsBlocking

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ