28cffffd65fbae6f6cf48d5323644d4a_JaffaCakes118 | Triage

Sharing

General

Target

28cffffd65fbae6f6cf48d5323644d4a_JaffaCakes118
Size

256KB
MD5

28cffffd65fbae6f6cf48d5323644d4a
SHA1

d29172abdde126ab306514bff555c56e90c9dacd
SHA256

58f0e31931d2505ab36ca8595d1475de8b36455aca79509cf6ee58031e417f68
SHA512

a26a28e4d692a5732e9503bb970fae5522445782c7f7b605bb0fe2febe48e18a215d31094086cac997c720e771d0fa18e099135fa441b733bd7ef89c16894039
SSDEEP

3072:M3a6pdIUSt79x6ehVVoUucSBUqALA/nIpvYgqEtUHZSRSbLvPuEkbC0b:M3asmBt7h9ucUguI2HZnbLnuF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28cffffd65fbae6f6cf48d5323644d4a_JaffaCakes118

Files

28cffffd65fbae6f6cf48d5323644d4a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8556013cc13803c9c8f8bcf80391bd35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MapVirtualKeyA
GetActiveWindow
LoadStringA
MessageBeep
GetMenu
MapWindowPoints
LoadKeyboardLayoutA

kernel32

GlobalAlloc
GetLocalTime
GetModuleHandleA
VirtualAlloc
GetLocaleInfoA
GetThreadLocale
VirtualAllocEx
ExitProcess
GetOEMCP
LoadLibraryA

Exports

Exports

_K2D@12
_AYR
7l
_1u@16
3bk@16
_2gN@4
Hnv@4
RT@8
_LE@4
AB@8
_k1Y@24
_i9
ip@24
_Q4d@8
_SY
_iH@12
t_7
_HR
9G@20
_hxs
dH@8
_zia@16
UQ@24
Ot0@8
_gK8

Sections

CODE
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eddata
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ