bf960458c9f37276c40918bb0f17b64f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf960458c9f37276c40918bb0f17b64f_JaffaCakes118
Size

320KB
MD5

bf960458c9f37276c40918bb0f17b64f
SHA1

63214cdbf3df5c2dde3e5561d0bb78978063a63b
SHA256

e1bd9d19588cdab81294bb79640b9d917612b6bf81084393d563a7a1a11dcb38
SHA512

9c009b2a69de7fa5d2549356e8075c1064ad8ca140edb0ac9e9b8d81096b3d002b08ac0994c9aa5290978e5ded42353e7f40002ca172933aace3de7ba31cfa42
SSDEEP

6144:/8OYrEWiGKO9gIFD7py1d/99GxqI7lWA/LtC6DaRNAk93gBdk4mW3:mrXMOic1sUxXxWKZLwSSgB2W3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf960458c9f37276c40918bb0f17b64f_JaffaCakes118

Files

bf960458c9f37276c40918bb0f17b64f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7c133bce2853f79d080c32da9eee078

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
CreateIoCompletionPort
GetACP
LoadLibraryExA
GetProcessVersion
GetCurrentThread
GetLogicalDrives
WaitForSingleObject
VirtualProtect
GlobalMemoryStatus
GetEnvironmentStringsA
GetModuleHandleA
HeapDestroy
GetCurrentProcessId
GetStdHandle
InterlockedExchange
HeapCreate
HeapQueryInformation
IsDebuggerPresent
GetTapeStatus
GetProcessHeap

user32

EndPaint
DragDetect
ShowWindow
DrawTextA
SetActiveWindow
GetWindow
GetParent
GetTitleBarInfo
GetCursorPos
BeginPaint
GetClassNameA
GetWindowTextLengthA
ReleaseDC
wsprintfA
GetFocus
SetForegroundWindow
GetDlgItem
FillRect
FrameRect

advapi32

RegEnumKeyA
RegCloseKey
RegFlushKey
RegSetValueExA
RegCreateKeyA

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ