bf1d100749421e8bd7112593ba03b9c0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf1d100749421e8bd7112593ba03b9c0_JaffaCakes118
Size

295KB
MD5

bf1d100749421e8bd7112593ba03b9c0
SHA1

e0d5ec20c7b9dfced31cbb0dc7c31a1235ab6c8f
SHA256

cf483fa9eda89b2055cd4f16c1025eb097023c39604718bb3ca7d8246ee17678
SHA512

b71a72e34ff545f32ed93bbdde53f6c5b7768bf8793212a6231b5de63c72ccd146d4cefd3c4d03a11c459d257e5268ccc69c8f2f99f130e830f4b563b28fa91e
SSDEEP

6144:942cY1jwQGDAGU/0sJeHG1YQdJQ7G2pA+qeDP:99wQEA0PTCuq2pn/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf1d100749421e8bd7112593ba03b9c0_JaffaCakes118

Files

bf1d100749421e8bd7112593ba03b9c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e5d3f88bf43e39181a250816f1c5251

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateThread
EnterCriticalSection
ExitThread
FreeLibrary
GetTickCount
GlobalAlloc
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
ReleaseMutex
SetEvent
SetFilePointer
SetThreadPriority
Sleep
WaitForSingleObject
WriteConsoleA
lstrlenA

user32

FindWindowW
IsChild
SetWindowLongW
SystemParametersInfoW
EqualRect

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ