bc78258ddd5fc6778ac96e095720a9ab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc78258ddd5fc6778ac96e095720a9ab_JaffaCakes118
Size

341KB
MD5

bc78258ddd5fc6778ac96e095720a9ab
SHA1

17d69066497dea596230b6ee43f11c4fbf9cdcd4
SHA256

1bc1b41a4a3bb39dd352e14ea9a3a34b1d87d241bf0e5a30d28e75d1a7caa554
SHA512

e560fb3e9034254b8cb0c93e2d763fd0d487353df5d4ae028b8f7d12f7fffbf3312f662a4c10306fac7b0bc2f2efb430983f54add73d03756436a00fbf8c9d79
SSDEEP

6144:Rm37Spg1M7PyaQB74fo4UDblEzNENyRDUVpbCmV73uV1I:RMuWCP/kMWDblsNjDmJu2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc78258ddd5fc6778ac96e095720a9ab_JaffaCakes118

Files

bc78258ddd5fc6778ac96e095720a9ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55185910bfe0a3ab051b4eeca81304f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
GetSystemTime
CreateEventA
CreateMutexA
CancelIo
GetConsoleTitleA
GlobalLock
FreeConsole
GlobalUnlock
LoadLibraryExW
LocalFree
EnumResourceTypesW
GetLastError
GetStdHandle
IsBadReadPtr
CloseHandle
lstrlenA
VirtualProtectEx
GetModuleHandleA
IsDebuggerPresent

user32

GetSubMenu
IsIconic
GetMessageA
GetDlgItemTextA
EnumWindows
GetKeyState
IsMenu
DialogBoxParamA
GetMessageA
CreateWindowExA
EndDialog
GetParent
LoadCursorA
MessageBoxA

clbcatq

CheckMemoryGates
GetComputerObject
GetCatalogObject
SetSetupOpen
ComPlusMigrate

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ