bddafa7ddbe4f3c8305995fab72d5626_JaffaCakes118 | Triage

Sharing

General

Target

bddafa7ddbe4f3c8305995fab72d5626_JaffaCakes118
Size

122KB
MD5

bddafa7ddbe4f3c8305995fab72d5626
SHA1

ace449e64127247001ff089181bf80976a7bcc2e
SHA256

50ac43330ba27e685bbad02e599b7d1fdbdb5a7bab443384bb4b56164f9cede9
SHA512

aa90e9fd0de5bfd433061286d84f6f72d0536b959cbed4c911db831a6703c764c7303db634677daaa63a9714ed1b28e6f1d6e4ef2af36817d62f0b78a1166e48
SSDEEP

1536:osVs+Uzsh72iotVQwH3ih2sUfwXe27Hhfg+60e5W+oKLk37lBSZO0Wco8llD/gce:1q+4272VEwW+fL27BjmoLW45yFZMmG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bddafa7ddbe4f3c8305995fab72d5626_JaffaCakes118

Files

bddafa7ddbe4f3c8305995fab72d5626_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a6b4ec5aae3ea15e21ad860cdc8cb2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
ExitProcess
GetDriveTypeA
GetFileAttributesA
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetThreadLocale
GlobalFree
IsDebuggerPresent
LoadLibraryA
MultiByteToWideChar
Sleep
VirtualAlloc
VirtualFree

user32

CreatePopupMenu
GetCursorPos
GetForegroundWindow
SetCursor
wsprintfA

gdi32

CreateBitmap
CreateCompatibleBitmap
GetCurrentPositionEx
GetDCOrgEx
GetPixel
GetSystemPaletteEntries
SetBkMode

shell32

ExtractIconExW
SHCreateDirectoryExW
SHFileOperationW
SHGetFolderLocation
SHGetPathFromIDList
ShellExecuteA

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ