2b14b36bbac5a2bb0e75dd200c586284_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b14b36bbac5a2bb0e75dd200c586284_JaffaCakes118
Size

655KB
MD5

2b14b36bbac5a2bb0e75dd200c586284
SHA1

e3b467962a0954d1f7525881367704e6e2f68c40
SHA256

84227e1c7900d09b64f29bc0ebea69df5116121dda356c23d947e53774b616ab
SHA512

998f0d649ced9a869c112db681c9aff25a709bb8847af4b974c686737154d17971c5d194ea741aa144f01dc891146d81eda6f50e1acc1cb05af93c2b024ea75a
SSDEEP

12288:xZ3kj02MO4wkqlVaAH/OoUd+L4nGGkuEYHB94KzjJ44FhjtfYP8oltyt:XCMunQdrLh6ejJLhBk8l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b14b36bbac5a2bb0e75dd200c586284_JaffaCakes118

Files

2b14b36bbac5a2bb0e75dd200c586284_JaffaCakes118
.exe windows:5 windows x86 arch:x86

acaff1dcd179fc9e7b180dcd4ee77ee0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
GetPropA
LoadIconA
CharToOemW
LoadCursorW
MessageBoxA
PostMessageW
GetClassLongW
IsCharUpperA
PeekMessageA
GetDlgItemTextA
LoadBitmapA

kernel32

ReadFile
GetStartupInfoA
CreateFileMappingA
LoadLibraryExW
GetFileAttributesW
CreateProcessW
CloseHandle
LoadLibraryA
HeapAlloc
VirtualAlloc
OpenFileMappingA
LocalFileTimeToFileTime
CreateMailslotA
GetACP
FindResourceExW
OpenSemaphoreA
SetCurrentDirectoryW
WriteConsoleA
CopyFileA

resutils

ResUtilGetBinaryValue
ClusWorkerStart
ClusWorkerTerminate

Sections

.text
Size: 648KB - Virtual size: 647KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ