bd10325b59bac9b0cc8983d4d53a8c5d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd10325b59bac9b0cc8983d4d53a8c5d_JaffaCakes118
Size

172KB
MD5

bd10325b59bac9b0cc8983d4d53a8c5d
SHA1

51f9fbfc9ec341e7802c476c7051475129ec2ceb
SHA256

090a717614735afd128478a5a974ab8234384664740e7218ea247f9a9460594a
SHA512

9080817a623213105ada8635f1c24c84045d8f1662b5206907cc714c95f1333667e925c2f9a63266df0dae108df1e2da4d3e78c7dbca9e051491c777cb59c3ed
SSDEEP

3072:oEjjbynKHotea5+qQy5XVFF6k8aS7T1nCC0KFi4bxPhqCPZjZkPWYYf77ddrP1CI:oE7QSot5+qQy9BenwKM4bxPsOZlGQ7/C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd10325b59bac9b0cc8983d4d53a8c5d_JaffaCakes118

Files

bd10325b59bac9b0cc8983d4d53a8c5d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4efc2d3e673738b5817f6cc5819957f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetModuleHandleA
FlushInstructionCache
VirtualProtect
GetTickCount
GetLastError
GetProcAddress
LoadLibraryA
Sleep
LocalFree
LocalAlloc
VirtualProtect

user32

wsprintfA

Sections

,fcJ.%W[
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

w'%R+OR,
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/,%c\udq
Size: - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

>N0L36!1
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yIUFmne#
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE