2bd99f6d5430e7f44a15f7d50ffaa45b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bd99f6d5430e7f44a15f7d50ffaa45b_JaffaCakes118
Size

363KB
MD5

2bd99f6d5430e7f44a15f7d50ffaa45b
SHA1

d6c44013433e914b1209bed238878ddbece0e449
SHA256

e3a2f2aba15972b0c32611a997c94a57d57675646971c093bc8ef807e4f271c5
SHA512

2bfb2ca6ce200d2dfc1166699b4ad8c6fda7271b7d769f5a94532534efbd3021a192d31701a5f95a3f7b99aa7e279639f4dd0abd80ddf2660bb4ed474bc5cc25
SSDEEP

6144:miJwnMGOr8fe0AJgjchjTnDqNkCYV7zj9nd56t6L8R8NmC:R+n9O8e0Fcx/bV7Pn5k+XNH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bd99f6d5430e7f44a15f7d50ffaa45b_JaffaCakes118

Files

2bd99f6d5430e7f44a15f7d50ffaa45b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6da451643cf99a5a127a77c055e9ceb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
GetLastError
GetComputerNameA
EnumResourceTypesA
TlsGetValue
GetExitCodeProcess
ReleaseMutex
DeleteCriticalSection
GetTickCount
CloseHandle
GetModuleHandleA
GetDiskFreeSpaceExW
LoadLibraryExW
Sleep
FreeConsole
VirtualProtect
SetLastError
GetCommandLineA
GetDriveTypeA
FindClose

shell32

SHGetDiskFreeSpaceA
ExtractIconA
SHGetMalloc
ShellMessageBoxA
DuplicateIcon
StrChrA
DragQueryFileA
SHFree
SHGetSettings
DragAcceptFiles
ShellAboutA
DragFinish
DllUnregisterServer

printui

vQueueCreate
bFolderGetPrinter
vPrinterPropPages
PnPInterface
bPrinterSetup

user32

MessageBoxA

Sections

.text
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ