Static task
static1
Behavioral task
behavioral1
Sample
bef8b24a626d99a3d41257061679339e_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
bef8b24a626d99a3d41257061679339e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: bef8b24a626d99a3d41257061679339e_JaffaCakes118
Size: 128KB
MD5: bef8b24a626d99a3d41257061679339e
SHA1: e7eb63483cf9161860ec4800db41280644485e8f
SHA256: f0934dce9880901a78ecee869dc30e73e7590139d61dac76253d1fc2aa40dfdf
SHA512: 8ad92946f15c078c4eccb2cccf0a429b540aee68d454e8b01e825ec3f083ac960d1d785daac73e6bf32f6ea4b73298a4f4413627c1cec8751a54c135344fa524
SSDEEP: 3072:Hk5befKvym0qeWLnsi5VildHCzU4tf0dj0Sq9Fv8S4LBtlu2h8Zshri:Hkptym7Lsi5VgBCDGjqFv8Ff0cr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bef8b24a626d99a3d41257061679339e_JaffaCakes118
Files
bef8b24a626d99a3d41257061679339e_JaffaCakes118.exe windows:4 windows x86 arch:x86
cd50e5ae64a6ad759553416cc554a239
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
CreateCompatibleDC
DeleteDC
SelectObject
BitBlt
user32
UpdateWindow
SendMessageA
ReleaseCapture
MessageBoxA
LoadBitmapA
InvalidateRect
GetClientRect
EndPaint
EndDialog
DialogBoxParamA
CreateDialogParamA
BeginPaint
SetCapture
kernel32
GetModuleHandleA
lstrcatA
Sleep
InterlockedExchangeAdd
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GetTickCount
GetProcAddress
ExitProcess
shell32
SHGetSpecialFolderPathA
Sections
.text Size: 123KB - Virtual size: 123KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 880B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 570B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ