2ad44eff9669d039ce03f245ab982c7e_JaffaCakes118 | Triage

Sharing

General

Target

2ad44eff9669d039ce03f245ab982c7e_JaffaCakes118
Size

199KB
MD5

2ad44eff9669d039ce03f245ab982c7e
SHA1

e04adc0eb02a70a6b53ed5d8499baa7e389d7694
SHA256

540671d33e92334b309d2685ffcd8619d75383037d29a0d3d9a192e5b694ad61
SHA512

05f0293217c2afd6dbfb9aa3a4c45bbe813dfd9f1c211c4fe364e804141c9e1d67f8bc172f8c77ea9cb4758bebaa28b9632e0c8fcb950ffabb25876717d747ad
SSDEEP

3072:NQMkuXJMsfINxqnnf5pdJaslTbFVuwd5KpR8u+F:OMZSqxTbnjf+W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ad44eff9669d039ce03f245ab982c7e_JaffaCakes118

Files

2ad44eff9669d039ce03f245ab982c7e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cf3b87c95db329c8195650e94d799d53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MulDiv
GetOEMCP
GetCurrentProcessId
GetStartupInfoA
SetLastError
IsDebuggerPresent
GetModuleHandleA
lstrcmpA
GetThreadLocale
CopyFileA
GetDriveTypeA
GetCurrentThreadId
GlobalFindAtomW
LoadLibraryW
DeleteFileA
DeleteFileW
GetCommandLineA
GetLastError
GetProcessHeap
lstrlenA
GetCurrentThread
GetModuleHandleW
GetTickCount
GetACP
QueryPerformanceCounter
SetCurrentDirectoryA
GetConsoleOutputCP
RemoveDirectoryA
GetVersion
GetCurrentProcess
lstrcmpiW
GlobalFindAtomA
lstrcmpiA
GetWindowsDirectoryA
lstrlenW
GetCommandLineW
Sleep
GetUserDefaultLangID
VirtualAlloc

user32

GetSystemMetrics
CharNextA
GetDC
GetDesktopWindow

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ