bcdc271f1c9bf24eaacb70facbb7a4f3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bcdc271f1c9bf24eaacb70facbb7a4f3_JaffaCakes118
Size

244KB
MD5

bcdc271f1c9bf24eaacb70facbb7a4f3
SHA1

d98aa3c4d24b508e2d4f1037921304c81c8fa97d
SHA256

24f7e5b38b510e9537dc3b038b3f2b2a03aa8cc6c59e3c9234de01ffc44a7bb0
SHA512

a9594e0d62af21c3e334eccfeba147f8d247b3397af931ebb702afc63f13bda34b67d2eaf147ce7045c1ce6274755f466c4542d1bfeae777ed30c975cb097707
SSDEEP

6144:DfJoPUyBb5BbSBfP8hm0g+zxrMx+da6WV3YhTGG1:DfmRBb5F0fUhRg+z6x+da9yhTp1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcdc271f1c9bf24eaacb70facbb7a4f3_JaffaCakes118

Files

bcdc271f1c9bf24eaacb70facbb7a4f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

08b2aeabb9d4b60ce73b0d1c7cbc7e1b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommMask
DisconnectNamedPipe
GetCompressedFileSizeA
SetComputerNameW
OpenSemaphoreW
AddAtomA
WaitNamedPipeW
GetCurrentProcessId
InterlockedIncrement

user32

GetClassNameA
GetMessagePos
DlgDirSelectComboBoxExW
GetClipboardOwner
ClientToScreen
DestroyWindow
GetWindowTextLengthA
SubtractRect
TranslateAcceleratorA
OpenWindowStationA
GetKeyboardState

gdi32

DeleteObject
PaintRgn
GetGlyphOutlineA
CreateEnhMetaFileW

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE