bc778128e21611a31301860422a618ad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc778128e21611a31301860422a618ad_JaffaCakes118
Size

76KB
MD5

bc778128e21611a31301860422a618ad
SHA1

241095f6c691137c073390ed70c799091b5d16b3
SHA256

f77d15592dd62c342fdddf531a0f053ae455b40c8d8f76d528a0d0a7fe483fdd
SHA512

8380cef11d8cc661cb90b8f006b6c21ebd7b73ad6fe60fe38e18e89c221d9855b9e8eeab1ab2167e42f5e4e2dcdc75aac8bcc8decdd469e378be90d40ab559c0
SSDEEP

1536:OTtXmnp6/joCsjbnfbSuYTUXWMYjWdpjVrs2ryrd1vUQuq6:GipaoVnfWuozMYSdHs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc778128e21611a31301860422a618ad_JaffaCakes118

Files

bc778128e21611a31301860422a618ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d326bf952786864497d17ef36002e441

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CommConfigDialogA
WriteConsoleOutputAttribute
CreateSemaphoreA
GetCommModemStatus
VerLanguageNameA
EnumLanguageGroupLocalesA
PulseEvent
GlobalMemoryStatusEx
GetCPFileNameFromRegistry
RequestDeviceWakeup

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE