Static task
static1
Behavioral task
behavioral1
Sample
bd0c6f261cb1739f39c47de2f0016c64_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
bd0c6f261cb1739f39c47de2f0016c64_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: bd0c6f261cb1739f39c47de2f0016c64_JaffaCakes118
Size: 190KB
MD5: bd0c6f261cb1739f39c47de2f0016c64
SHA1: 0bcb63898a49fb8e1e059ae285295cdd23e71973
SHA256: 0c5b009eb24639c27367d9bc23dedac1a11f6c06dbbbfbba320b60f01152a17a
SHA512: 923bd33a513a0a57224c6123e295ff0d720aa42e92d8d47ab02007a05d96d3159614dddf1b732ec5852faaf5a4cb08d264d08f939ccb72406fcc360b99f27265
SSDEEP: 3072:0R8TYSgBDu3GhSFNA909X9TKhRclFkpcHs5X9HHGjzLRyYuuoDs6sOY9i:KML3GhSFNT9l86WCHs59GCjDslA
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bd0c6f261cb1739f39c47de2f0016c64_JaffaCakes118
Files
bd0c6f261cb1739f39c47de2f0016c64_JaffaCakes118.exe windows:4 windows x86 arch:x86
27b0dce188e12da7a96ba62c2889833c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvfw32
ICSendMessage
ICClose
ICOpen
ICDecompress
kernel32
CloseHandle
GetShortPathNameA
GetModuleHandleW
GetCurrentThreadId
GetFileInformationByHandle
UnhandledExceptionFilter
EnumResourceTypesW
GetCurrentProcessId
GlobalFree
ExitProcess
CreateFileW
LoadLibraryW
GetProcAddress
GetLastError
GetVersionExW
user32
GetClientRect
GetWindowPlacement
PostMessageW
SetCursor
SetRectEmpty
InvalidateRect
AdjustWindowRectEx
FillRect
advapi32
RegQueryValueExW
RegEnumKeyExW
RegCreateKeyW
RegSetValueExW
RegCloseKey
RegDeleteKeyW
RegOpenKeyExW
RegSetValueW
Sections
.text Size: 114KB - Virtual size: 113KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 232KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ