2c2f7ec1dd4a85dbc02e6d46ac7a8167_JaffaCakes118 | Triage

Sharing

General

Target

2c2f7ec1dd4a85dbc02e6d46ac7a8167_JaffaCakes118
Size

323KB
MD5

2c2f7ec1dd4a85dbc02e6d46ac7a8167
SHA1

edfe6110efda20e216028e4f1a8a253d5eddb42a
SHA256

7d45745e6879f8e74288d86644a1d74d5d15ef694f147b8ff0e598c183eddbb6
SHA512

67107f73143cc211ce2377c158a9a00c78106ca472e16af0cf420725e1adac61233d6d76fcabc567dd5b4515c02708543f9e6af6cc3848d7e695f6f1c548978d
SSDEEP

6144:EVfA76oWWxfKu9H5Y1jjqt4pWlc6aldolDZ1WHt0Q7oJk14Cdq2viKEpEUPmrfF/:OfS2OKuHu1HKwWb4WOt0QIyZqciRlmrJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c2f7ec1dd4a85dbc02e6d46ac7a8167_JaffaCakes118

Files

2c2f7ec1dd4a85dbc02e6d46ac7a8167_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d17dc7fc8103b009a123065204a5e11f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
SetLastError
GetLastError
LoadLibraryExW
Heap32First
IsBadReadPtr
EnumResourceTypesW
CancelIo
FreeConsole
IsBadStringPtrA
CloseHandle
TlsGetValue
VirtualProtectEx
LocalFree
GetConsoleTitleA
GetStdHandle
CreateMutexA
lstrlenA
GetModuleHandleA
ResetEvent

user32

GetMessageA
DialogBoxParamA
EndDialog
IsIconic
GetKeyState
EnumWindows
CopyImage
CloseWindow
CreateWindowExA
GetMessageA
GetParent
GetDlgItemInt
GetDlgItemTextA
MessageBoxA

setupapi

IsUserAdmin
MyFree
MyRealloc
SetupCloseLog
MyMalloc

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ