2a250eb4a1e60c19bb7eb1477eb1f45e_JaffaCakes118 | Triage

Sharing

General

Target

2a250eb4a1e60c19bb7eb1477eb1f45e_JaffaCakes118
Size

52KB
MD5

2a250eb4a1e60c19bb7eb1477eb1f45e
SHA1

1ea06eb4e00a29d87204516b8b7db67cf8bed5ad
SHA256

a00faadd82c69c87094d73095cc43e8a4b5464e4354f6b8622096866d43429e1
SHA512

a1433ce35ae7381d5206b3d3d4525c15b26bc13075e65edeef8b42d93c8bb9552eb2afc95fc61b8df33adbb6cf43fa6b1bbb33f5f399f5dfced4636a04674349
SSDEEP

1536:0MNoPXnQtg6vI6Et+PD5B9CUO0hmveI+U:0MNoP3QtgarlP9B9CrvSU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a250eb4a1e60c19bb7eb1477eb1f45e_JaffaCakes118

Files

2a250eb4a1e60c19bb7eb1477eb1f45e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98ec2c6315a9514a539fca23fd101257

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetWaitableTimer
GetProcAddress
GetSystemTime
SetLastError
SetEndOfFile
FindFirstChangeNotificationW
GlobalDeleteAtom
GlobalFree
ReadFile
GlobalUnlock
LoadLibraryA
MulDiv
CreateEventW
WritePrivateProfileStringW
FreeResource
GetModuleFileNameW
LockResource
WideCharToMultiByte
SetCurrentDirectoryW
lstrlenW
SuspendThread
SizeofResource
GetFileAttributesExW
GetFileSize
Sleep
VirtualAlloc

user32

IsWindow
SendMessageW
LoadBitmapW
OffsetRect
GetSystemMetrics
RegisterClassExW
FillRect
EnableWindow
GetWindowTextW
SetCursorPos
VkKeyScanW
ReleaseCapture
PostQuitMessage
GetWindowDC
SetLayeredWindowAttributes
LoadStringW
SendDlgItemMessageW
SetForegroundWindow

gdi32

GetClipBox
GetStockObject
CreatePen
DeleteDC
StretchBlt
CreateDCW
Rectangle
GetMapMode
CreateICW

advapi32

SetSecurityDescriptorDacl
RegNotifyChangeKeyValue
RegSetValueExW
RegCreateKeyExW
RegCloseKey
StartServiceW

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE