bd23bdce82d0ec49930a5c9563253476_JaffaCakes118 | Triage

Sharing

General

Target

bd23bdce82d0ec49930a5c9563253476_JaffaCakes118
Size

30KB
MD5

bd23bdce82d0ec49930a5c9563253476
SHA1

1b69c13209708080dc97066656295343126f95c1
SHA256

67e52d2e4250d80969317d7ebdc95808efc7f1bfc6980cc122def178a5d64bfe
SHA512

51b488c2e1dad13455135149c5317de5a2c27c9f8d26bc692a8fe4932f4a73074a61d720effd2607ee7a36cf67890485d0ac4bf1ca7b31906f273af7dbb866dc
SSDEEP

384:cxaZCLXg2R1REs2bR+6JS6vlWz/meacMkzN76Ta023rrHGXtKpLg183AORsqrP:cxaZiXgscQSS6XgNe8ba0LhnRsu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd23bdce82d0ec49930a5c9563253476_JaffaCakes118

Files

bd23bdce82d0ec49930a5c9563253476_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97dab148e622395df3929757c97ea29d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetCPInfoExA
GetConsoleAliasA
BuildCommDCBAndTimeoutsA
GetDiskFreeSpaceA
FillConsoleOutputCharacterA
SetConsoleTitleA
GetConsoleCommandHistoryA
WriteConsoleOutputA
GetModuleHandleA
SetEnvironmentVariableA

user32

GetWindowModuleFileNameA
DdeInitializeA
SetWindowTextA
ChangeMenuW
SystemParametersInfoW
CharToOemBuffW
RegisterClassA

gdi32

DeviceCapabilitiesExA
GetTextMetricsA
TextOutA
GetTextExtentPointA
GetEnhMetaFileDescriptionA
StartDocA
PolyTextOutA

Sections

.text
Size: 23KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fasm
Size: 1024B - Virtual size: 834B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 843B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ