2928f3d996363f75c7759369c101f9e0_JaffaCakes118 | Triage

Sharing

General

Target

2928f3d996363f75c7759369c101f9e0_JaffaCakes118
Size

413KB
MD5

2928f3d996363f75c7759369c101f9e0
SHA1

58464ff37210dadd2c4e4fb7181b522008d8ed8e
SHA256

4fbcf9e7c53c7dfbbc4e514b78d1b6adf1bc35905b71934f53aecb16ad826df0
SHA512

c974a4c61d29722daab1be0957ccfddb44eec15acabb93a7328d68e8226e570fde072bc665a338f3fa9a35356aa2db722df0ac3ff65c4339d15cd68214ab33b6
SSDEEP

6144:IYWXQ7r0pjst48BVA0gP+VdQnQCgIwe/xSqF5loDOvOYbHgG8vpCWS9cXASj8k:fAjCvM0hdCQEptoqvO6AG8Md9cQS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2928f3d996363f75c7759369c101f9e0_JaffaCakes118

Files

2928f3d996363f75c7759369c101f9e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b966bef5dd8e606b266054ea485d2d51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringA
GlobalFlags
ExitProcess
GlobalLock
GetProcessHeap
VirtualAlloc
GetStdHandle
FindAtomA
FormatMessageA
CreateHardLinkA
GetVolumePathNameA
GetModuleHandleA
EnterCriticalSection
GetOEMCP
CloseHandle
GetCommState
ClearCommBreak
CreateJobSet
GetTapeStatus
GlobalFree
GetUserDefaultLangID

user32

ValidateRect
BeginPaint
CloseWindow
GetFocus
GetWindowTextA
GetWindow
DrawEdge
RegisterClassA
GetClassNameA
IsIconic
GetClassInfoExA
EndPaint
ShowWindow
ReleaseDC
GetDC
GetForegroundWindow
GetWindowTextLengthA
GetParent
GetActiveWindow

gdi32

GetCharWidthA
GetColorSpace
CreateDCA
CreateDIBitmap
ExtCreatePen

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ