2524deb795d88bd04e3fb8fd70880f9d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2524deb795d88bd04e3fb8fd70880f9d_JaffaCakes118
Size

63KB
MD5

2524deb795d88bd04e3fb8fd70880f9d
SHA1

18318d03e4d63df404ed8672af05c34803f40945
SHA256

d0d6848d985dbee8c6263c193a2a226dfc26b6748220347480ea8aa3185af664
SHA512

7a2b716b7afdbbc09feb7d229dc5e8f538248ae19c4dd4b37a936f20b5337abca9bef7577185fb41b2a49a2c8f43fd1d959888e4d1bb09e1c45ab83971e19c3d
SSDEEP

1536:/VNCBe5SPg3OpydRAwGO2vywOO2YlwBkayqyFA37LF:db5SPByrlOawL69yqyFALh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2524deb795d88bd04e3fb8fd70880f9d_JaffaCakes118

Files

2524deb795d88bd04e3fb8fd70880f9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98ae6977a137c0cf8f50222473beb229

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_Remove
ImageList_Read
ImageList_Create
ImageList_GetBkColor
ImageList_Destroy
ImageList_Add
ImageList_Write

gdi32

GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
CreatePenIndirect
GetBkColor
GetTextAlign
CreateBitmap

user32

SetClipboardData
SetClassLongA
SetActiveWindow
SetCapture
OpenIcon
GetDesktopWindow
LoadBitmapA
SendMessageW
CreateMenu
GetMenu

shell32

SHGetDesktopFolder
SHGetFolderPathA

kernel32

IsBadHugeReadPtr
FindResourceA
FreeResource
LoadLibraryA
FindFirstFileA
VirtualAlloc
ExitThread
FormatMessageA
FreeLibrary
FindClose

Exports

Exports

I9VYXO3@24
CMImP
_f2sNuV4cyrd

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ