ffbbe58af24e12892ff05dcc6f2eb807_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffbbe58af24e12892ff05dcc6f2eb807_JaffaCakes118
Size

75KB
MD5

ffbbe58af24e12892ff05dcc6f2eb807
SHA1

cbf213121d67914fd0941011fe7bfa3df2f58486
SHA256

d852b69c8ef260ab72eea463de86b16469245501e36f3ecd84338c7100c17211
SHA512

1924f9122a9d48fbbdcf5504995a959af43db1abb4fc34fcabab062dc563fa543b1c3d1751537f779c406fff85786c3a514778ceb000cf1b9f46f43ce8fce32b
SSDEEP

1536:qtmv6FqlBX6Lkg3v6siEOSOo7b5uJg7boDXIjWOOvXZUI8Hw:qIv6FqDqLhVHRbIMbzjWBJUIaw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffbbe58af24e12892ff05dcc6f2eb807_JaffaCakes118

Files

ffbbe58af24e12892ff05dcc6f2eb807_JaffaCakes118
.exe windows:5 windows x86 arch:x86

63b68a22fd1a215f82f0f6f226c0bf47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileSectionA
GetCommandLineA
WritePrivateProfileSectionA
GetStartupInfoA
VirtualAlloc
GetModuleHandleA

gdi32

RemoveFontResourceA

user32

LoadBitmapA
GetWindowTextA
ScrollWindow

Exports

Exports

InitYuuyepgr
SetLlnjrwix
BeginOwyaehb

Sections

.text
Size: 72KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ