bc0c247a7ff52045e6d91fadc768a05c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc0c247a7ff52045e6d91fadc768a05c_JaffaCakes118
Size

201KB
MD5

bc0c247a7ff52045e6d91fadc768a05c
SHA1

25f5c1c178817a006a25ddd984103fc64909df2b
SHA256

d4d0a3118f644b5454ce442a7dd69c98d4a24fcffdb0e686c82e7cee327b0066
SHA512

fb4c3aa6aa1f818eec26471b9dc90c392906633f08eb4da125f41856f54c992c4d1afc81c668cc819cd79752caff9f30f6708d9e7c7865c3e3965288f3ed5ac9
SSDEEP

3072:B+NJh0o2nG7RQA/6sMTXM8zLQBfNjSAZ4Qx/J+lGApExPuNJ:9/iuAATXM8XbQx/8x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc0c247a7ff52045e6d91fadc768a05c_JaffaCakes118

Files

bc0c247a7ff52045e6d91fadc768a05c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c17da0038591b839f0925bcb4eb34ea2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
CharNextA
GetDesktopWindow
GetDC

kernel32

DeleteFileA
GetCurrentProcess
GetCommandLineW
GlobalFindAtomW
SetCurrentDirectoryA
LoadLibraryW
GetWindowsDirectoryA
GetUserDefaultLangID
GetThreadLocale
IsDebuggerPresent
lstrcmpA
Sleep
lstrcmpiW
GetConsoleOutputCP
GetVersion
MulDiv
GetStartupInfoA
GetOEMCP
GetDriveTypeA
GetProcessHeap
QueryPerformanceCounter
GlobalFindAtomA
GetCurrentThreadId
GetModuleHandleW
GetTickCount
GetLastError
lstrlenA
lstrlenW
GetACP
GetCurrentProcessId
DeleteFileW
SetLastError
RemoveDirectoryA
VirtualAlloc
GetCurrentThread
GetCommandLineA
CopyFileA
GetModuleHandleA
lstrcmpiA

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ