bf071cefd4c63125fcb0ab98191b2aae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf071cefd4c63125fcb0ab98191b2aae_JaffaCakes118
Size

182KB
MD5

bf071cefd4c63125fcb0ab98191b2aae
SHA1

57112f5f8f2c070138e3c359086809327fe06851
SHA256

904b9c1a14d588a37d9648c5800d7cd25ecf1c5d06473e88489ae81ebb329f64
SHA512

0de2fd2f5336cec0aaa4254fd5cf1b754437fdd29964ab9fea543945af5a8533df1f577fe709e927abacf8a7d317434c60b264090e58455ec71f0c82072df9c2
SSDEEP

3072:XwBaQYIyR1dBP1Wtrd80jq9PfDBfyKGqV2/uYq5R4Y/1cu+AhCob1o:ABaQYIcB9Wty0jqtLZyKGqgubnZb1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf071cefd4c63125fcb0ab98191b2aae_JaffaCakes118

Files

bf071cefd4c63125fcb0ab98191b2aae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7f4d68df57bfd2e7a961b2983f31e440

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleBaseNameW

ole32

IIDFromString
CoCreateInstance

kernel32

LoadLibraryExW
SetFileAttributesA
LoadLibraryW
VirtualQueryEx
HeapSetInformation
CreateProcessW
LocalAlloc
FindClose
CreateEventW
FindNextFileA
LocalFree
CreateDirectoryExA
FindFirstFileA
MultiByteToWideChar
GetFileAttributesA
EnumResourceNamesW
GetExitCodeThread
lstrcmpiW
lstrcmpA
Heap32ListNext
lstrcmpiA
WideCharToMultiByte
GetTempPathA
lstrlenA
CopyFileW
RemoveDirectoryA
lstrlenW
InterlockedCompareExchange
DeleteFileA
DeleteFileW

advapi32

RegQueryValueExW
RegQueryValueExA
RegCreateKeyW
RegCreateKeyA
RegOpenKeyExW
RegCloseKey
RegEnumValueW
RegSetValueExA
RegCreateKeyExW
RegOpenKeyExA
RegDeleteKeyW
RegDeleteValueW

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ