Static task: static1
Behavioral task: behavioral1
Sample: 2834bc0a7cc58761b50149450f128645_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2834bc0a7cc58761b50149450f128645_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2834bc0a7cc58761b50149450f128645_JaffaCakes118
Size: 21KB
MD5: 2834bc0a7cc58761b50149450f128645
SHA1: 154d298e2caa400a3a51bb85def642d5280c104d
SHA256: d7431c03dd925680ded5304919b06002d2cc36717d05e3cb45583fd3e715f564
SHA512: 41613fac54f480b4ad08abde1fc4c0484413bec29df8400d098dab68ea321622cd6173a47ca8abf86cac0891c0f3b98533fda97c8ce30e3ced5cb779c0296a75
SSDEEP: 192:pxyu0d0tQCiPagVXKvisgiz7JIQu18qwazqbHhaSepfr0:O2QaiKKsgiz7i+35Hh5epfr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2834bc0a7cc58761b50149450f128645_JaffaCakes118
Files
2834bc0a7cc58761b50149450f128645_JaffaCakes118.exe windows:4 windows x86 arch:x86
a1faced358d9986f2c974b828082ff15
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
CloseHandle
GetModuleHandleA
lstrcatA
gdi32
MoveToEx
SelectObject
GetTextExtentPoint32A
GetPixel
ExtTextOutA
SetROP2
PatBlt
LineTo
CreateFontIndirectA
user32
ScreenToClient
PostQuitMessage
GetFocus
DefWindowProcA
GetMessageA
SetWindowTextA
EndPaint
ShowWindow
TranslateMessage
MessageBoxA
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 993B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ