Static task: static1
Behavioral task: behavioral1
Sample: bdd7d07587d585f9ed520a900240e7a8_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: bdd7d07587d585f9ed520a900240e7a8_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: bdd7d07587d585f9ed520a900240e7a8_JaffaCakes118
Size: 88KB
MD5: bdd7d07587d585f9ed520a900240e7a8
SHA1: fab101681c49fa2f9e41e536373a7a6b6ea042d7
SHA256: 6690cd20fdcf68bb82c18613c371643263b7dc70143fda0578767aca1fac416a
SHA512: e08e3a65a10eccbf0084407c97adc8be0336e208b27ecd92d978cd2b1da4c1f0e00bcb0b7304cbf932a843f35993b0a8545eda5c3fa10125382389ca1a9da2e8
SSDEEP: 1536:mQntytdNg6b3BkPA0zOxP6k11KbfMaceGB1RRHrXSYVQg4ptXIW:nnIjCY0zOkkDKbflcfB1gg4ptXIW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bdd7d07587d585f9ed520a900240e7a8_JaffaCakes118
Files
bdd7d07587d585f9ed520a900240e7a8_JaffaCakes118.exe windows:4 windows x86 arch:x86
8556ee860e35b150b15ed7bee7996ee0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
DebugActiveProcess
ExitProcess
GetACP
GetCommandLineA
GetCompressedFileSizeW
GetLastError
GetModuleHandleA
GetProcessPriorityBoost
GetStartupInfoA
GetVersionExA
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedExchangeAdd
ReadFileEx
SetDefaultCommConfigA
SwitchToThread
user32
SetWindowLongA
SetPropA
SetForegroundWindow
PeekMessageA
GetSystemMetrics
DestroyWindow
comctl32
ImageList_DragLeave
ImageList_GetImageRect
ole32
CoCreateInstance
CoCreateGuid
dbghelp
SymUnloadModule
SymFindFileInPath
FindFileInSearchPath
lmi
SymGetLinePrev
SymGetSymNext64
Sections
.text Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ