bc31fb9e5bd31e198bde9291a56cbcf9_JaffaCakes118 | Triage

Sharing

General

Target

bc31fb9e5bd31e198bde9291a56cbcf9_JaffaCakes118
Size

190KB
MD5

bc31fb9e5bd31e198bde9291a56cbcf9
SHA1

2ce6438d301bf20b1fcee2894f35e58b16d3964c
SHA256

9834909a2e7bcc95452964ab534676bc5097dbbc38a36d617ac2faae1f64a211
SHA512

be8e8de797f21672013eb8d1cec91e8f887701ddc94b7e75e9fca1e549d3ce5621dbfa18d241101ed05e51ec4267981bfda790f43399a144e248a7b22ffa8919
SSDEEP

3072:dAJPSuuAQ2cflG6PWA/uK2FUB2UnDOtEiXwVTxg9p7fR:0GlP/uK2SB2v/kTxg9p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc31fb9e5bd31e198bde9291a56cbcf9_JaffaCakes118

Files

bc31fb9e5bd31e198bde9291a56cbcf9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5acc6b4cd8f91625953dee71e3755e79

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetUserDefaultLangID
GetCommandLineW
GetCommandLineA
lstrcmpiA
GetCurrentProcessId
QueryPerformanceCounter
GetCurrentProcess
GetACP
lstrlenW
GlobalFindAtomW
GetLastError
GetCurrentThreadId
GetTickCount
GetDriveTypeA
SetLastError
Sleep
GetStartupInfoA
RemoveDirectoryA
GetWindowsDirectoryA
GetModuleHandleW
lstrlenA
lstrcmpA
GetProcessHeap
GetCurrentThread
MulDiv
lstrcmpiW
GetVersion
GetConsoleOutputCP
GetThreadLocale
CopyFileA
SetCurrentDirectoryA
VirtualAlloc
LoadLibraryW
GetOEMCP
GlobalFindAtomA
GetModuleHandleA
IsDebuggerPresent

user32

CharNextA
GetDC
GetSystemMetrics
GetDesktopWindow

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ