bc1a40445ddc86a573e29cabb11620f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc1a40445ddc86a573e29cabb11620f9_JaffaCakes118
Size

273KB
MD5

bc1a40445ddc86a573e29cabb11620f9
SHA1

1899d362f9d7925b80dd4c694cdd080731bcc108
SHA256

53f7ffa89b5b7f0c1d2b3c7093071c717af595a8fa0b3760e145941342ebcffd
SHA512

c22f17a7e31594cd42e88acaa9dc61e3fe0d7cac7bb52ad78ef50a6f40adf5ea2ddecd31f4abe3ece1f96439a0e6f29f21c0ed155eb4e452be81a948097549d7
SSDEEP

6144:9AcdVCKwCMtPf3/5y+DoRlJY5idOyIsHGPs46:1d4SMtH/5y+DwIizIgGPsb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc1a40445ddc86a573e29cabb11620f9_JaffaCakes118

Files

bc1a40445ddc86a573e29cabb11620f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d98862dea16e4bb2b815c32d705b6369

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMenu
IsWindow
GetTopWindow
FrameRect
GetActiveWindow

oleaut32

SysReAllocStringLen
GetErrorInfo
SafeArrayPtrOfIndex
SysFreeString
RegisterTypeLib

kernel32

LocalAlloc
LoadLibraryA
GetACP
ExitProcess
VirtualAlloc
FreeResource
FreeLibrary
FindResourceA
FormatMessageA

shell32

Shell_NotifyIconA
SHGetSpecialFolderLocation

Exports

Exports

_R7G6XY
LO4pBfdp9Q1di@24
_7oSQ7R5iglB7n@20
w83WN@4
SeVr4Nc4P3Mc7@16
Qif5bv1sCAZC

Sections

CODE
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 689B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.htdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ