bfcb9a484c392ae8accce6d9e798b902_JaffaCakes118 | Triage

Sharing

General

Target

bfcb9a484c392ae8accce6d9e798b902_JaffaCakes118
Size

167KB
MD5

bfcb9a484c392ae8accce6d9e798b902
SHA1

ff8be2e2883afc3f7fad9aa1dadbe03e778286ad
SHA256

1b96ddd4a19004fa569d13b757b40f6278d1286b3de0b44461ea01baa8830f4b
SHA512

5a615d3c2cc6b1619d0b6dfc5a6b47bf7c3c57097264c0bed3485122127c46b5b91dd01bb9ab003ec2fe6d86e1322f701d6fd26124a5979585135601a5984e76
SSDEEP

3072:T9ckJJbdeFHUFOdmrJtFeUY9zCSdtgpkBehaOunkfJ7tEKNzlgYhlQQB3+sf:TOkvhEAe9+tbonkxtzBhay3Tf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfcb9a484c392ae8accce6d9e798b902_JaffaCakes118

Files

bfcb9a484c392ae8accce6d9e798b902_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc79fdf045816b9f956be6da7dc216c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindClose
GetNextVDMCommand
FileTimeToLocalFileTime
CompareStringA
GetShortPathNameW
FindResourceW
SetThreadPriority
FindNextFileW
SetCurrentDirectoryW
FileTimeToSystemTime
LocalFileTimeToFileTime
FreeLibrary
SystemTimeToFileTime
EnumResourceNamesW
RegisterWaitForSingleObject
GetStringTypeW
FindFirstFileW
LoadResource
SetEnvironmentVariableW
GetLocalTime
SetErrorMode
SearchPathW

user32

ExcludeUpdateRgn
ValidateRgn
GetCapture
ValidateRect
SetCapture
RealGetWindowClassA
ReleaseCapture
InvalidateRgn
GetUpdateRgn

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ