2b6cdcd567df1e2556eae3f823a8eeda_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b6cdcd567df1e2556eae3f823a8eeda_JaffaCakes118
Size

775KB
MD5

2b6cdcd567df1e2556eae3f823a8eeda
SHA1

b3af5679d200c0be1a27866ba6968cb64c819a9d
SHA256

0170ef3a2093b30b5ded5b4d1feb8b0d5959f6f68be678eff2f3b4465af91c99
SHA512

3c368a366fa6ee9d2aee706785b556b595897ffd8dd231fe42975b2206b5bc3a4c56616787307edef4804bcc4d40206647b9741c99c9fd327fead41c0a6b4f1e
SSDEEP

12288:XV0KktwvI6GBT4XnpzwM87IeBwK9fosEuF63Hme70fwzRg68vEaKrhiBgAb:lycGBT4X988eP763H570fwzmvvarQBg2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b6cdcd567df1e2556eae3f823a8eeda_JaffaCakes118

Files

2b6cdcd567df1e2556eae3f823a8eeda_JaffaCakes118
.exe windows:4 windows x86 arch:x86

773a7ce4246e965a3b552b7dac748116

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
GetModuleHandleA
lstrlenW
GlobalUnlock
SetLastError
HeapCreate
ReleaseMutex
GetCurrentThreadId
VirtualQuery
FindResourceA
DeleteAtom
GetStdHandle
TlsGetValue
LoadLibraryExW
CreateFileA
CloseHandle
GlobalFree
SetEnvironmentVariableA
GetPriorityClass
GetExitCodeProcess

user32

GetDlgItem
CreateWindowExA
GetDC
GetIconInfo
DrawMenuBar
CreateMenu
IsWindow
DispatchMessageA
FillRect
CheckRadioButton
DrawEdge
CallWindowProcA
SetFocus

ntshrui

IsPathSharedA
IsPathSharedW
SetFolderPermissionsForSharing
GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 765KB - Virtual size: 768KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE