bff2cda61936c09a3a7e052fda5bde1b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bff2cda61936c09a3a7e052fda5bde1b_JaffaCakes118
Size

637KB
MD5

bff2cda61936c09a3a7e052fda5bde1b
SHA1

4d41c9c6e2aba184781099cb9c4e80f7f63fa5d2
SHA256

59153485ea094d2f695c6b51fb5822cb43e217af0bda1caea60e275c1b1f4da7
SHA512

af19ff5cbb65b8bda30e10609add072e380a988ba095db5e424ac7aa9ca45d2ec37540372171c02fdf4a5f464e9d9940b14f6e234e21bdf13a3ae035ab7b2766
SSDEEP

12288:B5PRaMA7l/SPNAtFQJd4Yj2GKiY+YB/ZlsTNslrTuveLNBI:BpRaMw0NAtFmjBKaQKTcvu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bff2cda61936c09a3a7e052fda5bde1b_JaffaCakes118

Files

bff2cda61936c09a3a7e052fda5bde1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

afb7eb6be6c83e2a47cc9b9f5a926fda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
VirtualProtect
InterlockedExchange
FindAtomA
GetVersion
CompareFileTime
Sleep
GlobalUnlock
GetConsoleCP
GetAtomNameA
GetModuleHandleA
GetTickCount
HeapWalk
lstrlenA
TlsFree
WaitForSingleObject
CloseHandle
LoadLibraryExA
GetACP
GetProfileIntA
SetEvent

user32

CreateCaret
PostQuitMessage
DispatchMessageA
CopyRect
GetSubMenu
GetKeyboardLayout
UpdateWindow
PaintDesktop
ModifyMenuA
InsertMenuA
PostMessageA
SetWindowPos
EqualRect
MessageBoxA
GetMenuStringA
GetDlgItem
InflateRect
GetWindowTextA
DestroyMenu
EnableScrollBar
SetPropA
SubtractRect
LoadIconA
GetScrollRange
TranslateMessage
GetMenu
ShowWindow
GetWindowLongA
DialogBoxParamA

msi

MsiGetMode
MsiDoActionA
MsiCloseHandle
MsiEnumProductsA
MsiEnumClientsA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ