bffbdcb242d02f3e06a42d4683c01333_JaffaCakes118 | Triage

Sharing

General

Target

bffbdcb242d02f3e06a42d4683c01333_JaffaCakes118
Size

58KB
MD5

bffbdcb242d02f3e06a42d4683c01333
SHA1

73455874e31abd2f6691b3ddd548d3a98f459946
SHA256

22360041c4371f5fe11533c3ca81ab454efc98fc14701c5984fef08109fa4e4a
SHA512

7fa5d07284ce7b0b7254d1a8f8321678d5286fe24795c9897abbc6b69bbbc0921b81c039a636e6f226691d42143b8bc94dc7314a1daa5c53bdc5a3dcfb330333
SSDEEP

1536:mgugB5SgUYjArwb78oPqDVKpVTwmBLJnMmecFnC9q:mguWYdrwbxPaKp9wmBLJnMdkmq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bffbdcb242d02f3e06a42d4683c01333_JaffaCakes118

Files

bffbdcb242d02f3e06a42d4683c01333_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e052f6f5763114814c685012cbb8482a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
RtlUnwind
SetEnvironmentVariableA
FileTimeToLocalFileTime
MulDiv
GetSystemInfo
CreateFileA
LCMapStringA
GetProcessAffinityMask
GetEnvironmentStrings
Sleep
EnumSystemLocalesA
lstrlenA
GlobalAlloc
PulseEvent
CreateEventA
SetEndOfFile
GetCurrentDirectoryA
GetACP

advapi32

GetSidSubAuthority
CreateProcessAsUserA
AddAccessAllowedAce
MapGenericMask
RegDeleteValueA
GetAce
AdjustTokenPrivileges
OpenServiceA
CopySid
LookupAccountSidA
RegConnectRegistryA
FreeSid
SetTokenInformation

user32

BeginPaint
CreateWindowExA
GetWindowDC
LoadBitmapA
LoadIconA
GetWindowThreadProcessId
EnableWindow
DrawIconEx
LoadStringA
SetCursor
SetWindowPlacement
PeekMessageA
InvalidateRgn
ReleaseDC

ole32

CoRegisterPSClsid
CoGetStdMarshalEx
OleCreateMenuDescriptor
OleRun
OleCreateLinkEx
CoGetPSClsid
CoMarshalHresult
CoFileTimeNow
CoRegisterSurrogate
CoReleaseServerProcess

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ