Static task: static1
Behavioral task: behavioral1
Sample: bd347e53348f01c9dbe1aa1d42790934_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: bd347e53348f01c9dbe1aa1d42790934_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: bd347e53348f01c9dbe1aa1d42790934_JaffaCakes118
Size: 44KB
MD5: bd347e53348f01c9dbe1aa1d42790934
SHA1: 847c20e7bd8dc2c0f0579d4a55037973ebd3462d
SHA256: 01da7301b26d8c9a6e4bacff4e2c27be416f1a11c9d268ce4e8ee606cfef8227
SHA512: 085323a12d6d13faa4b11f3a8068eb48a2c43439b8ed9379474cbd1b87820c310fd083fcdf5e31c0658ae58b5586520ba097e7283e6ad82052ec3ff4935cabc1
SSDEEP: 768:+0ukQj8B1cTxiDEDGaYNJ8oTJvhVEyQJIxZ71VSPJd7y6Q:NuksVBLuEyFxfVaJd7y6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bd347e53348f01c9dbe1aa1d42790934_JaffaCakes118
Files
bd347e53348f01c9dbe1aa1d42790934_JaffaCakes118.exe windows:4 windows x86 arch:x86
5fe793b8c2a1ff17b541cf70d6f3d167
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
BuildCommDCBA
ExitProcess
GetDateFormatW
GetDefaultCommConfigW
GetProcessHeap
IsBadStringPtrA
LocalFileTimeToFileTime
SetCommTimeouts
SetFileAttributesA
SetMailslotInfo
_lcreat
advapi32
AllocateAndInitializeSid
AreAnyAccessesGranted
ConvertSecurityDescriptorToAccessA
CreatePrivateObjectSecurity
CryptGetHashParam
GetNumberOfEventLogRecords
LookupAccountNameA
OpenServiceW
OpenThreadToken
QueryServiceLockStatusA
SetPrivateObjectSecurity
SetServiceBits
user32
CopyRect
CreateAcceleratorTableA
DispatchMessageW
GetKeyboardLayoutNameW
GetMenu
IsCharLowerW
MessageBoxW
SendMessageCallbackW
SetThreadDesktop
ShowCursor
WINNLSGetEnableStatus
keybd_event
Sections
.text Size: 512B - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 42KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE