bbfe1b8bf420cb12c013085666938a65_JaffaCakes118 | Triage

Sharing

General

Target

bbfe1b8bf420cb12c013085666938a65_JaffaCakes118
Size

234KB
MD5

bbfe1b8bf420cb12c013085666938a65
SHA1

9d3ff0cc04bfa0ed53f4492f2bf56996b864556e
SHA256

d6dc5a3f94fa18e41d2637344f6596198bddd497a20a85f43025d42716445cc1
SHA512

3155f807cc220c6ff89cf23827855bf05f67b40a824f8e2827e93139727e4b1c5db614257e70678a95a08a8f58636c517c89d92320b5d745c633109e137462ef
SSDEEP

6144:0sD76b6fJrk1kuIcSmiYN5mxCOpd8pWBEKng:T7Bp9cdiU5sT7BEKg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbfe1b8bf420cb12c013085666938a65_JaffaCakes118

Files

bbfe1b8bf420cb12c013085666938a65_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3b65822b302e2e3e012b1cb2b998532e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
lstrcatW
GetWindowsDirectoryW
VirtualAlloc
GetProcAddress
LoadLibraryW

msvcrt

memcpy

Sections

.text2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ