Static task
static1
Behavioral task
behavioral1
Sample
bffbbe2db76d0456d8be30731f213892_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
bffbbe2db76d0456d8be30731f213892_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
bffbbe2db76d0456d8be30731f213892_JaffaCakes118
Size
216KB
MD5
bffbbe2db76d0456d8be30731f213892
SHA1
5363afd99d4926ae40bf6bb41bed58c24a5639dc
SHA256
ce47d1f51da9e633da29a093db48677dffd4d89a03e920ecdb70ed61be08457e
SHA512
4329acd9c41f29275ee62d69292ece7c5127d0539eed1de71f376f0a450194980a1b1f42c7ee7448024de0022578040ef6e66b393ff97b4828eea6e9d1c9c1f1
SSDEEP
1536:jAcg2LgFRGXf1ZQdYVyAAs8s10PBj3fCKUHtthjyCbIgbCh96pCJuEJwXtB4jcq1:jAyLtfLh8AAVhKNnyCb3Ch9JultBGmk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bffbbe2db76d0456d8be30731f213892_JaffaCakes118
Files
bffbbe2db76d0456d8be30731f213892_JaffaCakes118.exe windows:4 windows x86 arch:x86
93d77071a92c761d72547a51c66bbcb6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFileTime
GetModuleFileNameA
SetMailslotInfo
SetConsoleIcon
SetThreadContext
DuplicateConsoleHandle
GetConsoleAliasA
VirtualAlloc
FindFirstVolumeMountPointA
lstrlenA
Module32First
GetLocaleInfoW
GetCurrencyFormatA
GetCommandLineA
GetExpandedNameA
SetConsoleHardwareState
GetCommMask
HeapSetInformation
MapUserPhysicalPages
GetProcessHandleCount
GetPrivateProfileStructA
OpenJobObjectA
GetPrivateProfileIntA
GetCommandLineA
shell32
SHGetSpecialFolderPathA
mpr
WNetGetConnectionA
winmm
timeBeginPeriod
timeGetTime
Sections
.idata Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 204KB - Virtual size: 484KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 840B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ