2685dc11491d6f6b1d431f923090f347_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2685dc11491d6f6b1d431f923090f347_JaffaCakes118
Size

636KB
MD5

2685dc11491d6f6b1d431f923090f347
SHA1

f7f776ef68ff8a64274d55242f2a697be73fa2de
SHA256

e0d6a490b36ca9d7c8c40a9d815dc69dcbb20ad156b6a7d83d243658c708ad21
SHA512

d9181b743f0449c1c5d677c2d291a5f98c1453a9e394e371fd6692822472d8546bddbe05eec20552f15363d44054aab7c60b4beb9739c9257f3cc24ed3975cce
SSDEEP

12288:2p1Nfjk1bsLb7LfmkqOUBRZvfCHXYCImAV7xdBiNtbcl+V50ES:2p7AtsLb7zmk2B7cDAxxOjTV5Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2685dc11491d6f6b1d431f923090f347_JaffaCakes118

Files

2685dc11491d6f6b1d431f923090f347_JaffaCakes118
.exe windows:4 windows x86 arch:x86

95e835f797cbff2b40fb30d0e97ceb9d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
CreateIoCompletionPort
GetCurrentThread
GetModuleHandleA
WaitForSingleObject
HeapQueryInformation
HeapCreate
GetStdHandle
InterlockedExchange
GetACP
IsDebuggerPresent
GetTimeFormatA
GetLogicalDrives
HeapDestroy
GlobalMemoryStatus
GetCurrentProcessId
GetEnvironmentStringsA
GetProcessVersion
VirtualProtect
GetTapeStatus
GetProcessHeap

user32

FillRect
DragDetect
GetFocus
GetParent
SetActiveWindow
BeginPaint
GetDlgItem
ReleaseDC
GetWindow
GetCursorPos
GetTitleBarInfo
GetClassNameA
SetForegroundWindow
EndPaint
FrameRect
GetWindowTextLengthA
DrawTextA
ShowWindow
wsprintfA

gdi32

CloseFigure
GetLayout
CreatePalette
GetClipBox
CreateBitmap

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ