bc24364f701d9f580ab0730d03d6392f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc24364f701d9f580ab0730d03d6392f_JaffaCakes118
Size

141KB
MD5

bc24364f701d9f580ab0730d03d6392f
SHA1

fee6ca362c5be1f82fa1bea5fdb3edde9da883f8
SHA256

d204ea4d653bc8bb224c3de1b17f51ef86c8cc0e9bc8907ae26b91dea007b9bf
SHA512

4573659856eea28d67844f6aa910b02fc9b674d08fd73b0f194121134da75239cada722154cff68ff9a975cbae29a81717a8373f1c6c848c50bd8f00cc6f006f
SSDEEP

3072:YS7AsHj0/6DAG2y563Dvq539mxyVPX1Wb+BctjITu5+EMqV8pnzN:97AmP2hrq+xAPFWb+4ITu4EMX5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc24364f701d9f580ab0730d03d6392f_JaffaCakes118

Files

bc24364f701d9f580ab0730d03d6392f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c8e6dba85bd6017e1ee81fd62cfae4fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

abs

kernel32

LoadLibraryA

user32

GetActiveWindow

advapi32

CryptDestroyHash

Exports

Exports

ºormatDesktop@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?FormatGUI@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?FormatGUIMonitor@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?FormatHandle@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?FormatWindow@888GPAUHINSTANCE__@@U_COMMPROP@@`D

Sections

.round
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdi
Size: 512B - Virtual size: 383B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.same
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ