2698fc4aedde24f63ea917295e0d52ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2698fc4aedde24f63ea917295e0d52ee_JaffaCakes118
Size

358KB
MD5

2698fc4aedde24f63ea917295e0d52ee
SHA1

c8b670a88f0a33ff5624a18534e6ecc4abf422f5
SHA256

3f95acc23ecd837a5c0a56f5648297bc38f93dfb4785420870401aa40deede9d
SHA512

a95706f959ff854b8302f5d0b7baa432a601f905d35e09469444890070f44ce0a140128fd72cae983488baf6a5ddf9cdcfde8ea1602443382a5d70be9a279569
SSDEEP

6144:PY4smvkh2wB+61LBOGeSsQteetllEF7Cs1RHi4jOW2COGXclc8penaeG:w4smvkhLTLB3vsWPvEF7j12GMQa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2698fc4aedde24f63ea917295e0d52ee_JaffaCakes118

Files

2698fc4aedde24f63ea917295e0d52ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d34258b947c859af62690bf804ff7dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
CloseHandle
Sleep
GetDiskFreeSpaceA
ExitProcess
GetModuleHandleA
lstrlenA
CreateThread
AddAtomA
SetEvent
VirtualProtect
ReleaseMutex
FindResourceExA
DeleteCriticalSection
GetLastError
SearchPathA
GetConsoleFontSize
GetTickCount
TlsGetValue
FindVolumeClose

user32

GetKeyState
CreateMenu
EndDialog
CopyImage
GetMessageA
DialogBoxParamA
DispatchMessageA
CreateWindowExA
EnableWindow
GetScrollBarInfo
DragDetect
CloseWindow
IsIconic
CopyIcon

wshbth

WSHIoctl
WSHOpenSocket2
WSHJoinLeaf
WSHNotify
NSPStartup

shell32

FreeIconList

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ