bece6bf0d6c8c584f47a6807e6053748_JaffaCakes118 | Triage

Sharing

General

Target

bece6bf0d6c8c584f47a6807e6053748_JaffaCakes118
Size

19KB
MD5

bece6bf0d6c8c584f47a6807e6053748
SHA1

44e2b427ebb7da3b053d9ca61b39f4e0c4436a67
SHA256

eec6627a72f5832fba9509b0c54ce84bce48ed6d64cd3a52c2c385fe5b13abdc
SHA512

5eb429905eb54c8974079e62140561df04104c30d2cda2b4bba29957e02ae0cb4e916c49aa2f8c42413352dc4eb8056e73a0759f52dd33b024c42a8a0b00d5a2
SSDEEP

384:05l5q3L23D3n3K3A3sGi+355z6rrogPZBWeYXp0sjEFC37vS1sIK:075MLQr3sShb2rogPD7YXKwE8Rj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bece6bf0d6c8c584f47a6807e6053748_JaffaCakes118

Files

bece6bf0d6c8c584f47a6807e6053748_JaffaCakes118
.exe windows:4 windows x86 arch:x86

897ad24e72583b3f22be85055d82454c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetCurrentThread
FlushInstructionCache
VirtualProtectEx
ExitProcess

user32

DestroyCaret
GetActiveWindow
GetWindowLongW

ntdll

NtReadFile

Sections

.rtext
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ksxzhq
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bqvdhq
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ