bc6af09e2d594d60af84be8faca2ce55_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc6af09e2d594d60af84be8faca2ce55_JaffaCakes118
Size

32KB
MD5

bc6af09e2d594d60af84be8faca2ce55
SHA1

25acfac35237ac7a5e52a4dbbfde4508ddd175e9
SHA256

3e1ecb43ce26a0c6f5e01c7ed3f397519052faadbcf4cc255afd5bd1d13aa29a
SHA512

ce2aafe3fcdb0709fafb3cce6aed9fcf5c24685f3850e682498c6919f9fa0d048d117733fd5d9cfb1586823cfec84cd68a2e9500891179e8905b59d21f9b467a
SSDEEP

384:FLEsRUnKTyHpmlwWcC5YLUyU3poEqb5BllRIkcvo6:FLEsRUnKTc2CUjWnbdlROvo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc6af09e2d594d60af84be8faca2ce55_JaffaCakes118

Files

bc6af09e2d594d60af84be8faca2ce55_JaffaCakes118
.exe windows:4 windows x86 arch:x86

49dc21a44deea2aa2f7deddde19ca658

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetModuleHandleA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetLastError
WriteFile
CloseHandle
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
FlushFileBuffers
SetStdHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
GetStringTypeW

user32

MessageBoxA

shell32

ShellExecuteA

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE