bbf7c100df79d00fea9347f70d819692_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbf7c100df79d00fea9347f70d819692_JaffaCakes118
Size

422KB
MD5

bbf7c100df79d00fea9347f70d819692
SHA1

db01da40f1f3a9fda017529f1b7657d448ba95a6
SHA256

ffe485d6b4d1e8e83d53f7f902547f1552498d9204f0a9fbe4c66229e924b567
SHA512

2a83c56f36c6854ebc7ba0bcb90f8e44bc13e0c6c157eea3ec4b20c6a9a1edccba4b3ea93a1e2432572e2725ac27b1b40a69a077479a18fe91eddb039343c00d
SSDEEP

6144:jvzin7XJXsPpmvUEgYZX3MBP4Q6LJycccrp0GiLBiGpsNZoN:7O7XJX+4DgYBu4NtyccEfcowsNZO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbf7c100df79d00fea9347f70d819692_JaffaCakes118

Files

bbf7c100df79d00fea9347f70d819692_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c6e7c67272a16df4b63e26b86be5792

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomA
GetStdHandle
DeleteAtom
GetOEMCP
lstrcat
GetProfileStringA
CloseHandle
ExitThread
RaiseException
EnterCriticalSection
LoadResource
GlobalLock
GlobalUnlock
VirtualAlloc
LocalSize
LoadLibraryExA
SetConsolePalette
GlobalAddAtomA
SetCommBreak
GetProcessHeap
GlobalFree

user32

CloseWindow
ValidateRect
EndPaint
GetDC
ReleaseDC
DrawEdge
AlignRects
GetWindow
IsIconic
GetFocus
ShowWindow
GetWindowTextLengthA
GetClassNameA
GetParent
GetForegroundWindow
GetWindowTextA
BeginPaint
GetClassInfoExA
GetActiveWindow

wsock32

WSASetBlockingHook
WSAStartup
WSAAsyncGetServByPort
WSACleanup
WSAGetLastError

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ