bcc2658710192797e3967d5bc581ca08_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bcc2658710192797e3967d5bc581ca08_JaffaCakes118
Size

195KB
MD5

bcc2658710192797e3967d5bc581ca08
SHA1

f7dafc07ea4f5393e4425858d21534ec60a99e94
SHA256

05498a24d211ccef8211d64fcf5752c05c310b0adf105319bb0811cd8f271648
SHA512

81faa5bdba875278fca0b1c13c5e45761a8bdcaca3d1dd61c0aca2f2f186df4df7c7c2c389034be2ac0b02e572eb245048d2250fab489d318d9ed0b87857aeea
SSDEEP

6144:0fNCcWetGEnVpuYNNA17GvPTqqgabKGTOY:0FCcWetVnPy63WqPjKY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bcc2658710192797e3967d5bc581ca08_JaffaCakes118

Files

bcc2658710192797e3967d5bc581ca08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d65d041d4d9721aa13e06d50ed709d14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
InterlockedExchange
GetStdHandle
GetExpandedNameA
IsDebuggerPresent
LoadLibraryA
VirtualProtect
GetEnvironmentStringsA
FlushFileBuffers
HeapDestroy
GetACP
HeapCreate
DeleteAtom
GetModuleHandleA
GetCurrentProcess
WriteConsoleA
GetTimeFormatA
GetThreadPriority
FormatMessageA
OpenSemaphoreA
GetCurrentThread

user32

FillRect
SetForegroundWindow
SetActiveWindow
wsprintfA
IsIconic
GetFocus
ReleaseDC
GetWindowTextLengthA
FrameRect
GetWindow
ValidateRgn
GetParent
GetDlgItem
GetCursorPos
BeginPaint
ShowWindow
GetClassNameA
EndPaint
DrawTextA

linkinfo

ResolveLinkInfoA
DestroyLinkInfo
GetCanonicalPathInfoA
IsValidLinkInfo
GetLinkInfoData

uxtheme

GetThemeSysFont

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ