2a137792ff5d4e9aefddecb8684ed070_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a137792ff5d4e9aefddecb8684ed070_JaffaCakes118
Size

176KB
MD5

2a137792ff5d4e9aefddecb8684ed070
SHA1

d97206978c10a2b5b675c50e73bb6c6a6ab1b676
SHA256

dae658684b49a5a12878f89f4c2d0b92d592bd7432f5435c0482be8e159fd0d3
SHA512

868e7a44a3ed9461e0887bfc138fbbeaf7d3f988a6a445d70f7ffb02dca5289a418ed1d8394052c80c3bb10a6e3a2940772b6c33e5289fe2df3aa24f7f12e75a
SSDEEP

3072:Co02lgyv8WRTrdL2TRZ7YGEGigPRjTGY4EgYKVTsd/Htb3+I19hAbqbiZq1FX:CoxlX0EgTsnGigPhSY4EjATs33F1/Yq5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a137792ff5d4e9aefddecb8684ed070_JaffaCakes118

Files

2a137792ff5d4e9aefddecb8684ed070_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b5a45b4c0d9c6989f88d9712f0b4ce9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\TqrWttCOmEvQ\kyjivri\iulpcqpjzduxft\ypoXRphgdFYcIK\evXmlzv.pdb

Imports

user32

SetWindowPlacement
CreateCaret
EqualRect
RegisterWindowMessageW
DrawFocusRect
RegisterHotKey
ChildWindowFromPoint
AppendMenuW
LoadBitmapA
IntersectRect
GetCursorPos
EnableMenuItem
IsCharAlphaW
DrawStateA
InvertRect
wsprintfA

kernel32

GetModuleHandleA
TlsGetValue
GetFileAttributesExW
GetComputerNameA
SetFileAttributesW
LoadLibraryExW
MulDiv
GetShortPathNameW

shlwapi

StrRChrA

gdi32

EndPage
SetDIBits
StartPage
SetViewportOrgEx
SetBitmapDimensionEx
GetNearestPaletteIndex

msvcrt

strncpy
_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
_XcptFilter
wcscat
_exit
_cexit
__setusermatherr
__getmainargs
iswprint

Exports

Exports

?FutureProspect@@YGHPADK|U

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 413KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE