bcab55dd2be531c83328d7cd821caf74_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bcab55dd2be531c83328d7cd821caf74_JaffaCakes118
Size

61KB
MD5

bcab55dd2be531c83328d7cd821caf74
SHA1

7a9000834a1ef4489398c8ef753f4967014252bd
SHA256

5aab67278c346ff82cf464762be4ee5f0396030bc410806254e63f677c48d0da
SHA512

cc26589843c81b94e7d0ae8375b357780a64447dde01fea3ea8ae2d9bb56568442787c3ecb1040cfcb2a7b6e7d2ac4503f292e52b6c9a685dc71d916ba030f9d
SSDEEP

768:es+gdywTYGhuyU4vXvBo/jxmna4IiB9zy9FaDfgJ36oj68JBjetKe3/KMw:es+0jTYIvXvB4yBI9uW6oxjetKD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcab55dd2be531c83328d7cd821caf74_JaffaCakes118

Files

bcab55dd2be531c83328d7cd821caf74_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7964fad551fd4734a7468aceb4248fd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
SetConsoleTitleA
GetConsoleTitleA
GetModuleFileNameA
GetTickCount
SetConsoleTextAttribute
GetStdHandle
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
GetLastError
SetFilePointer
SetHandleCount
GetFileType
GetStartupInfoA
WriteFile
HeapFree
CloseHandle
GetFileAttributesA
GetProcAddress
GetModuleHandleA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetTempPathA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
SetStdHandle
HeapAlloc
VirtualAlloc
HeapReAlloc
FlushFileBuffers
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
ReadFile
CreateFileA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
LCMapStringA
LCMapStringW

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE