2bb20489c63b4ee87938016099a12a93_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bb20489c63b4ee87938016099a12a93_JaffaCakes118
Size

68KB
MD5

2bb20489c63b4ee87938016099a12a93
SHA1

d9be15f7799fe0618f685f5017d02a1ef0a5e82a
SHA256

a74c8e221557fae54ed9c7100fd3d0851c0d0f31ca45f354a206226af6cc16a1
SHA512

7a170b1eaa668dcbe5eb356d34a8775162728aed87c939ff95bde3860558168d63dd13373d2257286cb30165faef9eccb57b0291564cd02e8554035b1fb198b1
SSDEEP

1536:hBaxImnVqUKkBr0SmAR1ur8pxPKJvoHQDHQ/3pphfZg:fa/VskBwSmARrxPydDHK5pL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bb20489c63b4ee87938016099a12a93_JaffaCakes118

Files

2bb20489c63b4ee87938016099a12a93_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e99179fde6b5ff29f32b0dedb9e4d2d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
SetEndOfFile
FindNextFileW
LoadLibraryA
DuplicateHandle
MultiByteToWideChar
DeleteFileW
WideCharToMultiByte
CreateProcessW
QueryDosDeviceW
SetCurrentDirectoryW
ResetEvent
ReadProcessMemory
GlobalLock
MoveFileW
FreeResource
GetPrivateProfileStringW
WaitForMultipleObjects
SetThreadPriority
FindResourceExW
lstrcpyW
TerminateThread
GetCurrentThread

user32

GetParent
SetCursorPos
GetClassNameW
SystemParametersInfoW
SetLayeredWindowAttributes
OffsetRect
GetKeyState
GetWindowTextW
DestroyMenu
SetWindowPos
DispatchMessageW
DestroyIcon
LoadImageW
GetWindowRect
FillRect
GetMessageW

gdi32

GetDeviceCaps
CreateICW
DeleteDC
CreateRoundRectRgn
GetMapMode

advapi32

RegOpenKeyExW
StartServiceW
RegCreateKeyExW

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE