2a54968378041dd8efdebe8bbc87a196_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a54968378041dd8efdebe8bbc87a196_JaffaCakes118
Size

335KB
MD5

2a54968378041dd8efdebe8bbc87a196
SHA1

7bbfeab10e43b6b0cc2a9b636bab16a2d4403516
SHA256

024c9e61785d0bdd9a98796daa2e823751614fdcb611d10d85c719220e971860
SHA512

9c6ffbc62e2aeb57f3c66365dc83cc96ec13f28c2a94b62868d97951f603e55d54642eef451dc47dc98440facfbe11bd641efd7ecb17cd5e7d2876007a5f33ad
SSDEEP

6144:BPNvkh6dtbcQraISqHEdkbB79QYeiqvG+6Tm3NI0TgupwPVIju+qVovkAOYJEh:l2hG1ReItkd67NO6i3NICgFPoMAOZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a54968378041dd8efdebe8bbc87a196_JaffaCakes118

Files

2a54968378041dd8efdebe8bbc87a196_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c449c6acc74114298bce97ec50191c3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
TlsGetValue
HeapWalk
GetTickCount
CompareFileTime
GetConsoleCP
GlobalUnlock
CloseHandle
GetModuleHandleA
GetStdHandle
FindAtomA
VirtualProtect
GetACP
GetAtomNameA
lstrlenA
GetVersion
InterlockedExchange
WaitForSingleObject
LoadLibraryA
HeapReAlloc
GetProfileIntA

user32

MessageBoxA
CopyRect
GetDlgItem
ShowWindow
ModifyMenuA
SubtractRect
GetKeyboardLayout
SetPropA
GetScrollRange
SetWindowPos
DestroyMenu
PaintDesktop
PostMessageA
GetMenuStringA
GetMenu
CreateCaret
DialogBoxParamA
EqualRect
UpdateWindow
LoadIconA
DispatchMessageA
TranslateMessage
PostQuitMessage
EnableScrollBar
InsertMenuA
GetWindowTextA
InflateRect

msi

MsiGetMode
MsiEnumProductsA
MsiCloseHandle
MsiEnumClientsA
MsiDoActionA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 748KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ