2b492e6b478ab0730b14f270ec3af7a0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b492e6b478ab0730b14f270ec3af7a0_JaffaCakes118
Size

815KB
MD5

2b492e6b478ab0730b14f270ec3af7a0
SHA1

a52663585961adeb0698f9dd79a0555dd0086bc6
SHA256

865ff5108b8981bb7500d95dbe2cd6a5fce646737d9695a317606854229ed0dc
SHA512

c60c1363475338af91f9598b378a5c9951024b95de1e228761c112341d0431f3522a612a76e5b754c8d099e2f43294b5e672b91e61b896b7d0412d4e11ab32cf
SSDEEP

24576:otvVuTdzULI0jiS7Wluv2QVhUO5qW7mEbNFn7nKMPGkD:QVupzp0xTUOMWn77KMeK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b492e6b478ab0730b14f270ec3af7a0_JaffaCakes118

Files

2b492e6b478ab0730b14f270ec3af7a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

441dd8bec037668ec9b325dbcb78e3e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
IsDebuggerPresent
CreateFileA
FreeEnvironmentStringsA
GetStdHandle
LoadLibraryExA
LocalFree
GetACP
CreateEventA
GetLastError
IsBadReadPtr
HeapCreate
LocalUnlock
GetModuleHandleA
GlobalLock
CloseHandle
FindClose
GetPrivateProfileIntA
lstrlenW
GetConsoleCP

user32

DialogBoxParamA
DispatchMessageA
GetDlgItemTextA
SetFocus
GetDlgItem
GetIconInfo
IsWindow
GetListBoxInfo
GetMessageA
RedrawWindow
GetDC
EndDialog
CheckMenuItem
DrawIconEx

uxtheme

DrawThemeIcon
CloseThemeData
GetThemeMetric
EnableTheming
GetThemeColor

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ