bfbe94c37029883f7f39700b0fb234cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfbe94c37029883f7f39700b0fb234cd_JaffaCakes118
Size

415KB
MD5

bfbe94c37029883f7f39700b0fb234cd
SHA1

48c7c58e539cb268377b4e60ad00082198fb3c4a
SHA256

d1c5da6d21b6488bf7c4a68dc0f17c5c7e8a04c2885899ed7878a7b0c79095f6
SHA512

69a5aefa6e83e2fbd43ea3a5f0aaace14583aa9a1e8d77addfdc53ba0cc9a05fd423fd8f62ce8eba6b51a18aca6479aa34ed8417e0735f766f32b15f2c1c0c19
SSDEEP

6144:GnLQCwenm6Q4ukSOxPPyw1IPNYNd+m1aH36TUXUJ+fEG6BIFQMQWcM0UEA79QWuq:JPenm6Q4uk7P6kJuEG6BAQMQKqWdaG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfbe94c37029883f7f39700b0fb234cd_JaffaCakes118

Files

bfbe94c37029883f7f39700b0fb234cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44dfd29b092b19681f7933ece3e69a64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
CreateWindowExA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
GetACP
TlsSetValue
lstrcpyA
Sleep
VirtualProtectEx

advapi32

RegQueryValueExA
RegQueryValueExA

oleaut32

SysFreeString
SafeArrayPtrOfIndex

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

winspool.drv

OpenPrinterA

Sections

.text
Size: 24KB - Virtual size: 720KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE