2bfe80c6be3a6546b939881dee04dfdd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bfe80c6be3a6546b939881dee04dfdd_JaffaCakes118
Size

1.1MB
MD5

2bfe80c6be3a6546b939881dee04dfdd
SHA1

ec69368d33782a9e315c4439106204ffceb9968e
SHA256

8fa572c59a028a1de21e24d398c1bf1c508f49a07ebafa60d148da705b9ef0a4
SHA512

479f02d1c8b0c5b120f6ac548bfe425e45d072a533ee1c26b6b45d276289be73f8887f591e1c6c72a127a8144e84e903b05466075298504554c3ff1dedaad2a2
SSDEEP

24576:ldLeM7cycSNd3oXjhVFDoA1WDHlp64PE/1jUELhQ4fzd/2q:Xi+jNYdvoAIlp64PEle4R+q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/setup.exe

Files

2bfe80c6be3a6546b939881dee04dfdd_JaffaCakes118
.zip
setup.exe
.exe windows:4 windows x86 arch:x86

547c94826e733fab0c2f59262339e0b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
VirtualFree
WriteFile
VirtualAlloc
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
lstrcpyA
CreateFileA
lstrlenA
ReadFile
SetFilePointer
GetWindowsDirectoryA
GetSystemDirectoryA
ExitProcess
GetCurrentDirectoryA
GetTempPathA
lstrcpynA
GetModuleFileNameA
InterlockedIncrement
GetModuleHandleA

user32

LoadCursorA
SendMessageA
GetDlgItem
SetCursor
MessageBoxA
wsprintfA
ShowWindow
FindWindowA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 842B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Shared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ