2a54d12542298b05cfc98781ab4483d0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a54d12542298b05cfc98781ab4483d0_JaffaCakes118
Size

23KB
MD5

2a54d12542298b05cfc98781ab4483d0
SHA1

3a5537763c51f65498ba5d1307a1f3059d314f17
SHA256

793b3a09e859e30425373c69fc1627c0e11a602ed29a1956c8f85ae7f961d22b
SHA512

f41ed15cae22c334ed21a7900851628b71dfe8907ff6fbc0cdd471f2ecc47c67cf31ae8ee8237e5cbcd21bc9b154b6d3752cc1f0be4bd9658eb51a80c0b68799
SSDEEP

384:t+a/4Zea4RvezLqJvxz5j5ZySK8QjVUMgkiUOCibJEV8ro:tcwRveKxxz5j+BjVUvk81JQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a54d12542298b05cfc98781ab4483d0_JaffaCakes118

Files

2a54d12542298b05cfc98781ab4483d0_JaffaCakes118
.exe windows:1 windows x86 arch:x86

928ac7e9afe926f0a0a9062b9e45eac1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
FormatMessageA
GetModuleHandleA
GetProcAddress
GetSystemDefaultLCID
GetTempFileNameA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
IsDBCSLeadByte
LoadLibraryA
LocalFileTimeToFileTime
MulDiv
SetFileTime
Sleep
VirtualAlloc
VirtualFree
WaitForSingleObject

advapi32

RegOpenKeyExA
RegQueryValueExA

comdlg32

ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
PageSetupDlgA

Sections

.rsrc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CODE
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE