2ae1b3736e8aa3dc58ebc46d5870d8a1_JaffaCakes118 | Triage

Sharing

General

Target

2ae1b3736e8aa3dc58ebc46d5870d8a1_JaffaCakes118
Size

317KB
MD5

2ae1b3736e8aa3dc58ebc46d5870d8a1
SHA1

1e1cd4e0ff810c4bf6a226c2f446011f0dfef84e
SHA256

2d553f6f4eeea22fa668f5b7981916a8f2a98e86d903559185ec4aec0d0b0f45
SHA512

7dc7cce4f6f77592e5fc1e41ba7b6ea218b774219adc5ea53df6887e19f11fdf5e7343444e09d3b72a1cab4a9d11ec1e05acf3f08b5931f427dbc6668c686321
SSDEEP

6144:cbmvERPh5qe7/JFB7XYdjSYGioU8DmiUtH:cbBRP2e7/JFTD1UtH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ae1b3736e8aa3dc58ebc46d5870d8a1_JaffaCakes118

Files

2ae1b3736e8aa3dc58ebc46d5870d8a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78e01eab32cd99c2f9db6ddb13afe032

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcat
SetConsolePalette
GlobalFree
CloseHandle
HeapCreate
GlobalFindAtomA
GetProfileStringA
DeleteAtom
GetOEMCP
EnterCriticalSection
GlobalLock
GlobalUnlock
LocalFree
LoadLibraryExA
VirtualAlloc
GetProcessHeap
RaiseException
LoadResource
GlobalAddAtomA
GetStdHandle
SetCommBreak

user32

DrawEdge
ValidateRect
GetParent
GetDC
GetClassInfoExA
GetWindowTextLengthA
AlignRects
GetWindowTextA
ShowWindow
GetWindow
IsIconic
GetActiveWindow
BeginPaint
ReleaseDC
GetFocus
GetForegroundWindow
GetClassNameA
EndPaint
CloseWindow

wsock32

WSACleanup
WSASetBlockingHook
WSAStartup
WSAGetLastError
WSAAsyncGetServByPort

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ