bc6923c49701bc95c08ff9129ebd4ddb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc6923c49701bc95c08ff9129ebd4ddb_JaffaCakes118
Size

317KB
MD5

bc6923c49701bc95c08ff9129ebd4ddb
SHA1

16f9b2c32f08a2ab72bef54974fd191342971fbc
SHA256

c13e0e5eb8362d6b9e88656933d080705f5e0d42985c1156f23be34d16d80a33
SHA512

e2a87a7520cf4c2d9ef109933f7b40fd74a2f0ea0be2d169a74d02840f62ea103ff8b259c470a1fc6beb694a9070427365e3e0804aa9982ce72a8de45f9425fa
SSDEEP

6144:aOkeeC/4nXA13lwjbjHMGcnr6hDLCF1bzzFD5BrOSMInBOwUsD1N:aOInX5Hrlcnr6hDLstzzYSMaBOwUsRN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc6923c49701bc95c08ff9129ebd4ddb_JaffaCakes118

Files

bc6923c49701bc95c08ff9129ebd4ddb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

568e44d9c264c3a85ececbefccfd1b01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteAtom
IsBadCodePtr
RaiseException
GetOEMCP
LoadResource
CloseHandle
lstrcpyA
EnterCriticalSection
FreeConsole
GlobalFree
GlobalAddAtomA
LoadLibraryExA
HeapCreate
VirtualProtect
GlobalAddAtomA
GlobalUnlock
GetStdHandle
LocalFree
SetConsolePalette
WriteProfileStringA
GetLastError

user32

GetClassNameA
GetWindow
IsIconic
GetForegroundWindow
DrawEdge
CloseWindow
ShowWindow
GetWindowTextA
EndPaint
GetFocus
GetWindowTextLengthA
AlignRects
GetParent
ReleaseDC
GetDC
GetActiveWindow
BeginPaint
GetClassInfoExA
ValidateRect

mprapi

MprAdminUserClose
MprAdminUserRead
MprAdminUserOpen
MprAdminUserWrite
MprAdminUserGetInfo

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ