2718eb0aedcc911d1f29a8351816f360_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2718eb0aedcc911d1f29a8351816f360_JaffaCakes118
Size

144KB
MD5

2718eb0aedcc911d1f29a8351816f360
SHA1

25701c02a9f5a040ffa2bb3de9105b574a580a75
SHA256

2eb28ab9d33b30e82f93365b4fb0dea2a0435a5a0d73c94c2e7a83ff7953c7e9
SHA512

0be62d3a57378bb686e965fde2bd5f474c413503c79b6ee702007bd65e432d07f6e9393b76163b8e3457eafedb5c41ad5dd76cda372fff0921f65fc8115b6c6e
SSDEEP

3072:qSkWVN90MgzXuIsGO/ro1jgwBRLyVDpZfo8gUmcskd2VGTMsI:dNG1zXKGWKZBtyVDL1fd2VGdI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2718eb0aedcc911d1f29a8351816f360_JaffaCakes118

Files

2718eb0aedcc911d1f29a8351816f360_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32e402bef323c48cec9607a9c34c77e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
CloseHandle
GetProcessTimes
LoadLibraryA
GetFileAttributesA
GetThreadPriority
GetModuleHandleA
ExitThread
FreeLibrary
GetCurrentProcessId
VirtualAlloc
GetLastError
GetCurrentThread
GetModuleFileNameA
GetFileType
GetCurrentProcess
Sleep
SwitchToThread
GetCurrentThreadId
ExitProcess

user32

GetActiveWindow
UpdateWindow
GetWindowTextLengthA
GetWindowDC
GetSystemMetrics
OpenIcon
IsWindowVisible
GetFocus
ReleaseDC
GetWindow
GetWindowLongA
GetForegroundWindow
BeginPaint
RegisterClassA
CreateWindowExA
ShowWindow
GetDC
GetClassLongA
GetWindowTextA

advapi32

RegCreateKeyExA
RegCloseKey
IsTextUnicode
RegOpenKeyExA
RegQueryValueExA
GetUserNameA

version

VerLanguageNameA
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ