bfa5db8144f9bc0b9da1034f90f799c5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfa5db8144f9bc0b9da1034f90f799c5_JaffaCakes118
Size

190KB
MD5

bfa5db8144f9bc0b9da1034f90f799c5
SHA1

efdfa485b599d2b143d801a9f0400bde0c0fe251
SHA256

3e7482796fda730c02f4fb9e27abd64d116521d0b6e3048030cacdb726e07bdf
SHA512

1e44e426f391bc41c300369c10f5296986718c0a5db3789f909a2dd369a3ac81a902b1caabea4f3bba9bca759db7abac3a2b5b34d77c0677216d8abf154751f1
SSDEEP

3072:UPbuT2vElSLb4kw+Yn6PFtBjuwEl//IXBZZm7b/Vi48Uv0v7Srh9fkub2H8+ozJ/:UNvSpkwdn0v0loX8ViBUvviubv7J3v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfa5db8144f9bc0b9da1034f90f799c5_JaffaCakes118

Files

bfa5db8144f9bc0b9da1034f90f799c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab8a86113fe989be478d0f1201d31a93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileExA
CreateSemaphoreW
FreeConsole
FindVolumeMountPointClose
DeleteFileW
FindAtomA
GetProcessTimes

user32

UpdateWindow

Sections

.code
Size: 9KB - Virtual size: 809KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 177KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ