bf09f536b139f57d3a4d097ec22238dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf09f536b139f57d3a4d097ec22238dd_JaffaCakes118
Size

1.5MB
MD5

bf09f536b139f57d3a4d097ec22238dd
SHA1

2d68930fca6223d142194bb27091f474762713ec
SHA256

95e5c152780d1562bfbf19807ae90b58052c05e4a34d32ac87d9c29dc6f16f9c
SHA512

60576e2e07176bd741f3ede3991f95d1f9e61ecb004d3514b7128c4a535cacd3442106f698b042824e3d58b32063c7dade638800a0cafa3f01fdaa2d6284d24b
SSDEEP

24576:tIC8K4yZLENw+5q6rX1nFEaqgU0v+DdLT3I5uuLDbj6KvR1g8rtiao49m:iCJ46L36rlnFE4v0LEt3uSliaoh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf09f536b139f57d3a4d097ec22238dd_JaffaCakes118

Files

bf09f536b139f57d3a4d097ec22238dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1933d7761ad9400b91f0ecdad5a33e6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
lstrcatA
lstrcmpA
lstrlenA
CreateDirectoryA
GetTempPathA
FindClose
FindNextFileA
DeleteFileA
RemoveDirectoryA
FindFirstFileA
lstrcpyA
LocalFree
FormatMessageA
lstrcpynA
GetFileAttributesA
WriteFile
GetLastError
CreateFileA
Sleep
WaitForSingleObject
CreateProcessA
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingA
GetModuleFileNameA

user32

MessageBoxA
wsprintfA

Sections

NicoDE
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ