bfd43a0cb15b51128547c271f947d344_JaffaCakes118 | Triage

Sharing

General

Target

bfd43a0cb15b51128547c271f947d344_JaffaCakes118
Size

149KB
MD5

bfd43a0cb15b51128547c271f947d344
SHA1

486834cdbf0d9f55469c7ba36a009deb42413cea
SHA256

1746ca7d8210b031500bf33c45c27f76ad0063f80310b8ebacb9d1b6901ad5a0
SHA512

03518873ee8e1b102b164d727d93c8dad76fcf4d71a10111cc631c89db3f0858106bfbbf72508415aca6b61877dafa8ce4a10d46367e45a7f00c0589af5cb687
SSDEEP

3072:Ujn48F3EEhJ/5MJp2Mpyn6H1U2eA6xQPIfRqm1AHBrJoDMqqDLy/BS06qz4m:UD48F3E+wJp2MplVU6PIfwmyhZqqDLuU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfd43a0cb15b51128547c271f947d344_JaffaCakes118

Files

bfd43a0cb15b51128547c271f947d344_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c0059a35fa7707c7e59b79cdb684a6fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
GetCommandLineA
RtlUnwind
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
HeapAlloc
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ