2beb6c52e2c2f0a4140044b97e91db82_JaffaCakes118 | Triage

Sharing

General

Target

2beb6c52e2c2f0a4140044b97e91db82_JaffaCakes118
Size

175KB
MD5

2beb6c52e2c2f0a4140044b97e91db82
SHA1

5c87abb58548c261dc9b4ca51cd01f029c93ec68
SHA256

dd8adb087145448b58f5c87499be4fbd82646ff5bd59cb5561d5c70a6453c8ee
SHA512

123a83d6b937f4d3358cc2b0a15b9b0bb1ead1eaeb5d253712e8ec8b6cac7164b9e6171a79b349084ce5f9c31c00c5a010e805872a8571edfde46e0f534b2d44
SSDEEP

3072:HAQ8WC0Oa+b1hykjWeEhEszrkm2OsXYId1p4WvPlfg+mQm1+kk:HAQ848/jjW1kzOsn4WFfN81i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2beb6c52e2c2f0a4140044b97e91db82_JaffaCakes118

Files

2beb6c52e2c2f0a4140044b97e91db82_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c377317ac2999802cc4ecf34b9a7060

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyn
GetOEMCP
LoadResource
EnterCriticalSection
ExitThread
VirtualAlloc
LoadLibraryExA
RaiseException
SetConsolePalette
GlobalFindAtomA
GetLocalTime
GetStdHandle
CloseHandle
GetProcessHeap
LocalSize
SetCommBreak
DeleteAtom
GlobalLock
GetProfileStringA
GlobalFree
GlobalAddAtomA

user32

ShowWindow
GetWindowTextA
GetActiveWindow
GetDC
GetClassNameA
GetFocus
AlignRects
DrawEdge
GetClassInfoExA
GetWindowTextLengthA
GetForegroundWindow
IsIconic
ReleaseDC
CloseWindow
ValidateRect
GetWindow
GetParent
EndPaint
BeginPaint

wsock32

WSAAsyncGetServByPort
WSASetBlockingHook
WSAStartup
WSAGetLastError
WSACleanup

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ