2b12c385f3a403c9091d92659936de66_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b12c385f3a403c9091d92659936de66_JaffaCakes118
Size

56KB
MD5

2b12c385f3a403c9091d92659936de66
SHA1

c4c10c228ee8776cdc2a0ae207bffe277472ec0d
SHA256

0dfa0a266f1c1a860b5e1b164fff05e4c457ced13472efbbfa0395bac2817e15
SHA512

851395d71cb108b64672890b68d6795770bedf1dc364b17e08f3bdf50d75f20f8fac0c0a11eeb8e3e49a8763af4efe56241e5fed083faaedbadb2386488bb3ee
SSDEEP

1536:ptsNd3NXvXtk8Vlrqm3mM9B2ONim91uNMd9jYabFi:zCtkSlrx2M9cO0MTbi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b12c385f3a403c9091d92659936de66_JaffaCakes118

Files

2b12c385f3a403c9091d92659936de66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

908b258b3be2749938b4d2acbc10449d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetLastError
DisconnectNamedPipe
HeapCreate
LocalUnlock
CreateFileMappingA
GetACP
CreateFileA
GlobalLock
GetFullPathNameA
CreateEventA
IsDebuggerPresent
GetModuleHandleA
FreeEnvironmentStringsA
GetStdHandle
GetConsoleCP
LocalFree
FindClose
IsBadReadPtr
LoadLibraryExA

user32

ScrollWindow
GetDlgItem
DefWindowProcA
SetFocus
GetIconInfo
GetDC
EmptyClipboard
DispatchMessageA
CreateDialogParamA
EndDialog
IsWindow
PostMessageA
GetMessageA
DrawIconEx

uxtheme

DrawThemeIcon
EnableTheming
GetThemeColor
CloseThemeData
GetThemeMetric

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ