2a7df2c84dd6a0e2a2e7a3573c6fe8a5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a7df2c84dd6a0e2a2e7a3573c6fe8a5_JaffaCakes118
Size

23KB
MD5

2a7df2c84dd6a0e2a2e7a3573c6fe8a5
SHA1

ed6d0d0545ebfd35ab22a718a73e3c80b5326405
SHA256

9a88876dbc188373da2580a7488209f9383f91750082fef95ee2fedbbec36f6a
SHA512

02f4174875e17577567dd78afef12f09fb8119547fc70f99788e2c306abc828f773fc2eb318d0b098db833b3b22f54401e956254ef69b9bcb80fdea0f99911e9
SSDEEP

192:Jm72Pmq3HhmlzIseIQYp5pDJ3twoYQnoXnbR2K:JM2hUlzRgY/hYT92K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a7df2c84dd6a0e2a2e7a3573c6fe8a5_JaffaCakes118

Files

2a7df2c84dd6a0e2a2e7a3573c6fe8a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0a0a438e878cb9d104fe40ba05bed7bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
lstrcpyA
PulseEvent
GetThreadTimes
GetExitCodeThread
GetOEMCP
GetConsoleCP
TlsFree
GetModuleHandleA
GetNumberOfConsoleMouseButtons
VirtualAlloc
GetConsoleInputWaitHandle
GetUserDefaultLangID
GetThreadPriority
EnumCalendarInfoA
ReleaseMutex
lstrcatA
SetEvent
IsDBCSLeadByte
GetThreadLocale
OutputDebugStringA

user32

ValidateRect
ReleaseDC
CloseWindow
GetClassNameA
IsIconic
IsWindowVisible
RegisterClassA
GetWindow
GetWindowTextLengthA
ShowWindow
GetWindowTextA
InvalidateRect
ReleaseDC
GetDC
GetClassInfoExA
GetFocus
GetForegroundWindow
GetSystemMetrics
GetActiveWindow

tapi32

MMCShutdown
MMCSetServerConfig
MMCSetLineInfo
MMCSetPhoneInfo
MMCInitialize

mlang

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ