Static task
static1
Behavioral task
behavioral1
Sample
bf9f10f5d5338e3df0b56e48d4373e54_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
bf9f10f5d5338e3df0b56e48d4373e54_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: bf9f10f5d5338e3df0b56e48d4373e54_JaffaCakes118
Size: 295KB
MD5: bf9f10f5d5338e3df0b56e48d4373e54
SHA1: 24a3d6bee575fe90cc7789dfc23e13c331609810
SHA256: 8168ea6ee311e6d055a76a5c2c7970784a73c67f9e6e5806653b35369de7c4f4
SHA512: b54503d454d11f25e4ee3b385b4a3b31ef4cf2acaa1572702c73595fb44a96e49e15a3aefbc3d4a547d0ce33ba3dc2d45608389196c95790c3056a5e91fc01a0
SSDEEP: 6144:gWEJxUZOWrtMv8a91pYkwY9jEmzCyAv2IvCjD37J3ApdI3vbgrCJ9a:s+a30m+2IvCH37+pdgv1J
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bf9f10f5d5338e3df0b56e48d4373e54_JaffaCakes118
Files
bf9f10f5d5338e3df0b56e48d4373e54_JaffaCakes118.exe windows:4 windows x86 arch:x86
eab748594b3725714e16c1add6c27aeb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
GetProcAddress
CreateMutexW
CompareStringA
CompareStringW
GlobalSize
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FreeResource
OpenThread
TerminateThread
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpynW
LoadLibraryW
GetWindowsDirectoryW
GetSystemDirectoryW
MultiByteToWideChar
LoadResource
LockResource
SizeofResource
FindResourceW
ExitThread
GetLongPathNameW
GetFileSize
VirtualAlloc
ReadFile
VirtualFree
CreateThread
GetModuleFileNameW
GetCommandLineW
GetTempPathA
GetTempFileNameA
IsValidCodePage
WriteFile
Sections
.text Size: 255KB - Virtual size: 255KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ