bf0596fe8cd45860ecb3e9d60af90376_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf0596fe8cd45860ecb3e9d60af90376_JaffaCakes118
Size

1.3MB
MD5

bf0596fe8cd45860ecb3e9d60af90376
SHA1

c070c2fd13230c831d7ad8bf03a62a45eb6fca72
SHA256

e338b94644292be1406a8febdb85800c9855e6d64bd5af3cef1cc6cb011973fd
SHA512

b96534a5211d32eb06c97e21680d7d0afdd4802c525e1adc3b0e74e44b1240ad6eed1944ace9895a2fbf5584e5c8c020974c7aff53bca72f36097d983de1a842
SSDEEP

12288:FiMN/GDA1CJz1QzTyuoIKIuB7ldzJB7gLU6wHcKXNZfDqcG/Tv/6TznQT8LtvBE8:8MN/GU1CJz1QKuoIKIuB7l5JKyN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf0596fe8cd45860ecb3e9d60af90376_JaffaCakes118

Files

bf0596fe8cd45860ecb3e9d60af90376_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b58c549bde920450397030bac50d9a41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetModuleHandleA
GetProcessHeap
ExitProcess
HeapAlloc
HeapFree
IsBadReadPtr

user32

wsprintfA
MessageBoxA

Exports

Exports

CPAEE201348F
N3WEM41G4E89ZEW
Q9LOS7GS2EI75KSG
XOC693KQ230A25QU71LC

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 475B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wzbhwm0
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ