bda74df530cf2c79cec44cd81cf1c37a_JaffaCakes118 | Triage

Sharing

General

Target

bda74df530cf2c79cec44cd81cf1c37a_JaffaCakes118
Size

19KB
MD5

bda74df530cf2c79cec44cd81cf1c37a
SHA1

02ccf4bd5dc8498586984256309af9c7e6fc2db0
SHA256

d657f6c29421cf06bf396811a7f4174bfad9e4753ba8989e17fc6beeee89d010
SHA512

bc81cd90b41abc9bec9175cd08aac45fc9bdfbca34b36bfd86140e4b41983f91f965be774f40080ff4c22bcc4d6b7a4626e7b775e9ef30636272c567025451d7
SSDEEP

384:P0zB+Z5rXmJIUXT7FmUri+7gv9HigG2KKKKUTF5Ym7gKb20M:K+Z5rWJ/7FYUgfKKKKUTF5Ywv20M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bda74df530cf2c79cec44cd81cf1c37a_JaffaCakes118

Files

bda74df530cf2c79cec44cd81cf1c37a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ab5707d58cba1ebc55ef4f6e60d1b86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
GetConsoleCP
GlobalUnlock
VirtualProtect
GetTickCount
LoadLibraryExA
GetProfileIntA
WaitForSingleObject
lstrlenA
GetStdHandle
HeapCreate
WaitForMultipleObjects
CompareFileTime
HeapReAlloc
GetSystemDefaultLangID
InterlockedExchange
GetCommandLineA
AddAtomA
CloseHandle
GetModuleHandleA
GetVersion

user32

UpdateWindow
DestroyMenu
TranslateMessage
ShowWindow
DispatchMessageA
PaintDesktop
SubtractRect
EqualRect
GetKeyState
DialogBoxParamA
CreateCursor
SetWindowPos
GetDlgItem
GetKeyboardLayout
GetMenuStringA
ModifyMenuA
EnableScrollBar
CopyRect
PostMessageA
SetPropA
MessageBoxA
FindWindowA
GetWindowTextA
InsertMenuA
CreateCaret

atl

AtlAdvise
AtlModuleInit
AtlGetVersion
AtlSetErrorInfo
AtlUnadvise

dnsapi

DnsStatusString

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ