bfbeca9a7808ca6059721ce9f80087f8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfbeca9a7808ca6059721ce9f80087f8_JaffaCakes118
Size

637KB
MD5

bfbeca9a7808ca6059721ce9f80087f8
SHA1

7e90fee08ca67edd1fc9110b5e176fc1b00f9d48
SHA256

24d9b263dc82e6f35a40ecdfb4a2c473b582325ea10fde4219f5efec44528660
SHA512

4fa0a53c57e2b4e6b9f11418cc00a34b90d63dbba233dce8ff5633e5e95e53434b49a599c56d11b06055a632a68d1e74f61722b48cf58dae7f642e4e88f38bed
SSDEEP

12288:TzKTBwOoP9oO6ZQTjwbkJPyXpJmuIwFPzk605Aky+oklRfg1JOpA0zvZ3E:PoGPyRQXkkJaXrmu05Ak6MRoXyhB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfbeca9a7808ca6059721ce9f80087f8_JaffaCakes118

Files

bfbeca9a7808ca6059721ce9f80087f8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b14db366bcf85c257f7294c78049a420

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
HeapReAlloc
GetModuleHandleA
FindAtomA
lstrlenA
GetAtomNameA
GetConsoleCP
TlsGetValue
GetProfileIntA
CloseHandle
CompareFileTime
HeapWalk
LoadLibraryA
VirtualProtect
WaitForSingleObject
TlsFree
GetStdHandle
GlobalUnlock
GetTickCount
GetACP
InterlockedExchange

user32

InsertMenuA
GetMenuStringA
PostQuitMessage
DialogBoxParamA
MessageBoxA
InflateRect
CreateCaret
GetKeyboardLayout
LoadIconA
SetWindowPos
TranslateMessage
SetPropA
SubtractRect
PaintDesktop
GetMenu
ShowWindow
EnableScrollBar
DestroyMenu
EqualRect
PostMessageA
CopyRect
GetWindowTextA
GetScrollRange
UpdateWindow
GetSubMenu
GetDlgItem
DispatchMessageA
ModifyMenuA

msi

MsiEnumClientsA
MsiGetMode
MsiCloseHandle
MsiEnumProductsA
MsiDoActionA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ