2b33f6f6aa647a4451120208da3dd625_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b33f6f6aa647a4451120208da3dd625_JaffaCakes118
Size

248KB
MD5

2b33f6f6aa647a4451120208da3dd625
SHA1

5e2f9c7a039ab33d73c21ec5cc003b63d9ab8680
SHA256

11b01af32c085765a2a36b48eb3becd0ca604996dbaf1a9c74383058599a62d1
SHA512

7eb667883f9b7b0de55e6d361d759d286e187031d52dc4e4c363a178659454445856bf09aeccb54c6e8dfa45b392bbf9ce7c63c4ffca888a80fba5bb84ab169c
SSDEEP

6144:eTY+yRx/ZWGSeCwHj8CD5yVmipg+UC+kgixj:b+yXSnGj79yr3UC3jj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b33f6f6aa647a4451120208da3dd625_JaffaCakes118

Files

2b33f6f6aa647a4451120208da3dd625_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d9c754d49bee4c8db261c52262e95bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadCodePtr
EnumSystemLocalesW
GetModuleFileNameA
GetNamedPipeInfo
WriteProfileSectionA
WritePrivateProfileStructW
GetShortPathNameA

user32

IsCharLowerW
WinHelpA
LoadMenuW
CallMsgFilterA
ChangeClipboardChain
AttachThreadInput
GetSubMenu
SetWindowsHookExA
RegisterClipboardFormatA
DlgDirSelectExA
EnumDisplaySettingsA

gdi32

GetFontData
GetCharWidthW
GetDIBits
CopyEnhMetaFileW
ColorMatchToTarget

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE