Static task
static1
Behavioral task
behavioral1
Sample
bdf31e6fcb765d39450290b919aad51d_JaffaCakes118.exe
Resource
win7-20240704-en
General
Target
bdf31e6fcb765d39450290b919aad51d_JaffaCakes118
Size
195KB
MD5
bdf31e6fcb765d39450290b919aad51d
SHA1
9289aa9ce85ca543b69c50e592a5d446e275c5e6
SHA256
45925f987baf26b5c0af3e69a75e07c012d260ef00a6eca5c2ec8717dfa12bd3
SHA512
d8956624aa3767c30c5cc98a47238292e0946349daf6198e057893634b5ce9a61ffca1c3ef86a52da77bc6e4651ac997686bc8ddcd69c476bdae6fd9ea28552d
SSDEEP
6144:egerQVO9YDWiKq6ecIWNpvNm1ohjpp/n06:eDQg9Zx/FNZNm18pS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bdf31e6fcb765d39450290b919aad51d_JaffaCakes118
Files
bdf31e6fcb765d39450290b919aad51d_JaffaCakes118.exe windows:4 windows x86 arch:x86
1b2273e1de5106a0f97336935b0b0c8e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
kernel32
WaitForSingleObject
WriteFile
FlushInstructionCache
FindFirstFileA
LoadLibraryExA
SetFilePointer
GetProcAddress
FindNextFileA
FreeLibrary
MultiByteToWideChar
GetModuleHandleA
ReadFile
WritePrivateProfileStringA
EnumResourceNamesW
GetPrivateProfileStringA
FindClose
SetupComm
GetExitCodeProcess
GetWindowsDirectoryA
MulDiv
GlobalAlloc
DeleteFileA
GlobalFree
rpcrt4
NdrComplexArrayFree
UuidCreate
shell32
SHFileOperationA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHGetPathFromIDListA
Sections
.text Size: 116KB - Virtual size: 115KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 75KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ