2a5a231281210997480a6c0a39e26a58_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a5a231281210997480a6c0a39e26a58_JaffaCakes118
Size

126KB
MD5

2a5a231281210997480a6c0a39e26a58
SHA1

2c7d2e056bd3cf5305051363bb91893a118ebe64
SHA256

45b4cf92fea5463ad9a8aff654f677e6c96e30741bdea341184ddf79a96966be
SHA512

948b63c56c5a7a4739b031ae05ed86fe59194f3d4419ddf91d3e2ac37add4c66e7d2f867991556f046e8ba19780af92fb6a6871ae6f4e79b114aa68b34998fd9
SSDEEP

3072:5ejlsAWv9bXFk8Qzmx9v0sa94DK6gYe974wgCNgXdPVq9:5eRRWv9Vk8Qzm/sBlKNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a5a231281210997480a6c0a39e26a58_JaffaCakes118

Files

2a5a231281210997480a6c0a39e26a58_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e425d776ce69b8b3addeb4585a95f50f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentThreadId
HeapFree
IsBadHugeReadPtr
LoadResource
VirtualAlloc
LoadLibraryA
InitializeCriticalSection

shlwapi

SHStrDupA
PathFileExistsA
SHQueryInfoKeyA
PathIsDirectoryA

gdi32

GetCurrentPositionEx
GetDIBColorTable
GetBitmapBits
GetDCOrgEx

comdlg32

FindTextA

user32

LoadIconA
GetSysColor
GetMenu
GetSubMenu
CreatePopupMenu
IsWindow
GetSysColorBrush
GetScrollRange

Exports

Exports

_X2pUtE@8
_7jVhO
_hOmZX@20
_vLkiYMX@20

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ