bdbc620a819c7a04b26a23ed02fd4b46_JaffaCakes118 | Triage

Sharing

General

Target

bdbc620a819c7a04b26a23ed02fd4b46_JaffaCakes118
Size

90KB
MD5

bdbc620a819c7a04b26a23ed02fd4b46
SHA1

fdd49f96af3090d97957d243b8f55f088c1d699f
SHA256

c0d4b525dd24326dc0ba726766af48a4a55dd8fc6310efb05d4310ab1577c532
SHA512

d79191a25597487931128688686cb6ac837a558c43a8f4f1664224db6b25a607fd914acdeb2e0cb4948e9edb15d2e4dea19f1247106763afa7abff20e7b40d84
SSDEEP

1536:amwoPfk3D2SknTaxWa++xmanuLu3jBvXHK9ZmifF:HwoPc3D2BT5+cizpcfF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdbc620a819c7a04b26a23ed02fd4b46_JaffaCakes118

Files

bdbc620a819c7a04b26a23ed02fd4b46_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6a2981b62f118e69e748b2171d3146d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
VirtualAlloc
VirtualProtect
VirtualFree

ws2_32

connect

msvcrt

_itoa

user32

GetForegroundWindow

advapi32

RegEnumValueA

shell32

ShellExecuteA

oleaut32

GetErrorInfo

Sections

.dsf
Size: - Virtual size: 184KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dsf
Size: 115KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE