bc039cd805ad7f04b71242f768fe853b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc039cd805ad7f04b71242f768fe853b_JaffaCakes118
Size

784KB
MD5

bc039cd805ad7f04b71242f768fe853b
SHA1

7a6e6a2d1840dcb53b2adff8a388e8fa33e92f38
SHA256

e73983d974b67306113ad722d5cf4a094f0abc15330ee94f9f9189939708a50c
SHA512

36d3c48408beae3fd4bf467a5ce9a29008e26b4c6ebeaefb2e42a1380d39002c9086edd2fe62d949e6c470d6801370d53488f1b61a490aab0664bdc9d1b04438
SSDEEP

12288:5G2RMQWXXqlLW+5QEDuqG6lWdyR0ZYrnsXl8xJc1S0m7G3cWu1iQ+HktBj:5/RMVaWGDLG61KZSs18xYoGsWusHO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc039cd805ad7f04b71242f768fe853b_JaffaCakes118

Files

bc039cd805ad7f04b71242f768fe853b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9d3a1c15399dbde0899f637028ca17f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
IsBadStringPtrW
CreateEventW
ReleaseMutex
GetCurrentProcessId
CloseHandle
HeapCreate
GlobalFlags
GetDriveTypeA
lstrlenW
GetEnvironmentVariableW
LoadLibraryW
ReleaseMutex
InitializeCriticalSection
GlobalFree
GetCurrentThreadId
GetPrivateProfileStringA
WriteFile
GetFileTime
LocalFree

user32

EndDialog
SetFocus
GetClassInfoA
CallWindowProcW
GetKeyboardType
GetSysColor
GetClientRect
GetSysColor
DrawStateW
DispatchMessageA
GetCursorInfo
IsWindow
CreateWindowExA

ntlanman

NPGetConnection
NPGetConnection
NPGetConnection
NPGetConnection
NPGetConnection

advapi32

InitializeSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 774KB - Virtual size: 773KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ