bcb301f52e0fa0d91f1e86c4e83d4eca_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bcb301f52e0fa0d91f1e86c4e83d4eca_JaffaCakes118
Size

73KB
MD5

bcb301f52e0fa0d91f1e86c4e83d4eca
SHA1

e6d070e25097ff619b21431ac9157a9f01306a4a
SHA256

99a8ddeb7bc3c519b3fa455c90d8dca0f44b1f49e50ab0b2af8eec9acc06247b
SHA512

362ac2fe7dc7a2c57e57ddc9627ed70f5644b4e1b8922ae5f60b80c336190fea1055ff472396f83597f178d78c0b8719f44881b5817db84125553cbab841011d
SSDEEP

1536:ePR/tH5CdwfwZgRG3sV7llkrvS4TmQfYMz/+nVRYqlW:ePR/z1YZgRGIlkrFBfYMz/+BW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcb301f52e0fa0d91f1e86c4e83d4eca_JaffaCakes118

Files

bcb301f52e0fa0d91f1e86c4e83d4eca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

449a539e4ca15d4572b16ca5b73ad74a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
ExitProcess
GetModuleHandleA
CloseHandle
GetProcessHeap
ExitThread
GetOEMCP
VirtualAllocEx
GetCommandLineW
LoadLibraryA

user32

GetWindow
CharUpperA
DefWindowProcA
GetSysColorBrush
GetCursor
GetMenu
GetWindowTextLengthA
CreatePopupMenu
DefMDIChildProcA
DefFrameProcA

Exports

Exports

_VXIrNCMye0FQWB
_Xq8LBA@24
_mpfEbE0D@8
ZUbDF6Xd2
_wiJFp6

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 451B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text