bf67c20fc108162c2e171676b91fa3c4_JaffaCakes118 | Triage

Sharing

General

Target

bf67c20fc108162c2e171676b91fa3c4_JaffaCakes118
Size

116KB
MD5

bf67c20fc108162c2e171676b91fa3c4
SHA1

6e707291bd9c53939cbeb311698af956e43431ac
SHA256

97b3f78201526c324f2bfa1c097accea1910802bc29f307377d8dcdbf8dbcd0b
SHA512

c1d0a4b25316c5a574b9dc469de5a1b1b4b7eeacdd45213b63e98a3de7cd3bd3661451b775dee228e1050754e576e1d4ffba072530f00ecea28eb50d031b8b7a
SSDEEP

3072:03hmOMyiL47c0gh4WZRVf/KZfLpxc02DRiSd:Wa47c0a9Oflxcj7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf67c20fc108162c2e171676b91fa3c4_JaffaCakes118

Files

bf67c20fc108162c2e171676b91fa3c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

340ab78fc0500d584416fbac5743a024

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapWalk
GetPrivateProfileSectionA
EnumCalendarInfoExW
MoveFileExA
LocalShrink
EnumLanguageGroupLocalesW
FindFirstVolumeW
CmdBatNotification
GetShortPathNameA
GetProcessHeaps
EnumSystemCodePagesW
OutputDebugStringW
SetComputerNameA
ReplaceFileA
GetConsoleHardwareState
OpenEventA
GetCommTimeouts
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.text
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE