2a317ff45287b8b4911f794c9acf8033_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a317ff45287b8b4911f794c9acf8033_JaffaCakes118
Size

364KB
MD5

2a317ff45287b8b4911f794c9acf8033
SHA1

daf2a041b915705a5894bd218aad6a28419d2b75
SHA256

2577ffa0d20fc3c533f0dd80435a5229beb588b3697fc5052c389371e750022a
SHA512

fc48ed166b83c17252b2a141f14083159164fa0a1f90c0616867d29f24465df67c64a90b93804ca6cd7e0304feee7ba823c070e70280d38a8710c402129239a9
SSDEEP

6144:DW6sNBvA+j+4CnpCxAE0KPn7dB9Wc7V6qLJIg8ukjODlGzfcdc+pvsCojHViEosq:Duv5j3CcxR0e7Uc7MOJIP1WGzUdNiCo6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a317ff45287b8b4911f794c9acf8033_JaffaCakes118

Files

2a317ff45287b8b4911f794c9acf8033_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5fb9c24f268f13ad394d4bf3be9e8e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
FindResourceA
IsBadStringPtrA
SetLastError
ExitThread
GetModuleHandleA
GlobalFree
GetTickCount
CloseHandle
PulseEvent
CreateFileA
CreateMutexA
GetACP
HeapCreate
TlsGetValue
FindClose
GetEnvironmentVariableA
LoadLibraryA
DeleteAtom
ReleaseMutex

user32

DrawEdge
SetFocus
DefWindowProcW
CheckRadioButton
IsWindow
GetDlgItem
DrawMenuBar
CopyRect
DispatchMessageA
GetDC
CallWindowProcA
GetIconInfo
FillRect

msasn1

ASN1BEREncBool
ASN1BERDecNull
ASN1BEREncEoid
ASN1BERDecBool
ASN1BERDecCheck

dpnet

DirectPlay8Create

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ