Static task: static1
Behavioral task: behavioral1
Sample: bdfb220961b10bfa8ed3f0c1759b1a9a_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: bdfb220961b10bfa8ed3f0c1759b1a9a_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: bdfb220961b10bfa8ed3f0c1759b1a9a_JaffaCakes118
Size: 164KB
MD5: bdfb220961b10bfa8ed3f0c1759b1a9a
SHA1: 9fa8dbc1a7100ee61ccd7d5337ff30e7ac860ac7
SHA256: 3c0c4af1397f5a221b2021fd3317b53eaa209192e9e66f08c6a0aeae95b0f070
SHA512: 3d2343589bdd1ea00cab7d39f5087be52dca5eebdb858db8db11e4531e54913786865d88731cf5c2a60906e462627d1156486566be6f0ea62cfc2d143b19dbec
SSDEEP: 3072:YcBYy7lBrgq+gOcT23pjhjt/YSN+CuZkP0MaTxm37+ZCi/peoE0:Yvy7lBrg7D+2Fhx/Y4PuZOaTxm3g/pJV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bdfb220961b10bfa8ed3f0c1759b1a9a_JaffaCakes118
Files
bdfb220961b10bfa8ed3f0c1759b1a9a_JaffaCakes118.exe windows:4 windows x86 arch:x86
6ee0e4ee64874f8e90005f57a6e6a75a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCPInfoExA
WriteConsoleA
InterlockedDecrement
GetVersionExA
IsValidLocale
Sleep
GetLastError
DeleteCriticalSection
RaiseException
InitializeCriticalSection
GetLocaleInfoW
InterlockedIncrement
EnumResourceNamesA
HeapSize
EnterCriticalSection
EnumSystemLocalesA
GetCurrentThreadId
GetConsoleOutputCP
GetUserDefaultLCID
SetStdHandle
RaiseException
IsValidCodePage
CreateFileA
LeaveCriticalSection
RtlUnwind
WriteConsoleW
rpcrt4
RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcStringFreeA
ole32
CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
Sections
.text Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 77KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ