2ca2ea312ef3dafa7ed9903509a3847d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ca2ea312ef3dafa7ed9903509a3847d_JaffaCakes118
Size

37KB
MD5

2ca2ea312ef3dafa7ed9903509a3847d
SHA1

17018b4595f087ec46dc11ac5538fd19ba845619
SHA256

4c48fc19cc9acd43c1f4af893f5b6fd0e47d8a1e805de0958491d501405e0479
SHA512

cef9ddc6738af9cfdc407864acca20c71ed6ad138e50bf1f6798fd27d5e8d6803dd1aa98bbf06065fbd5c780d6944e3b5c3555684697f568201df2f8971b1cac
SSDEEP

384:Cy1Rcdy5zrtoAUQ5h0a/gydUlXAivH7C8nXR2Gez306FO3N3W:TROy5e3QvF/h3Eb12GL9G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ca2ea312ef3dafa7ed9903509a3847d_JaffaCakes118

Files

2ca2ea312ef3dafa7ed9903509a3847d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e7761ba96dc7fa52c8cad13a6b1fc30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeThread
CreatePipe
GetStdHandle
GetOEMCP
GetPriorityClass
GetConsoleCP
ReleaseMutex
CreateMutexA
GlobalFindAtomA
TlsGetValue
GetProcessHeap
VirtualAlloc
GetModuleHandleA
IsDBCSLeadByte
SetEvent
CompareStringA
GetThreadLocale
GetShortPathNameA
TlsFree
CreateThread
GetUserDefaultLangID

user32

GetWindowTextLengthA
GetDC
GetClassNameA
GetSystemMetrics
GetClassInfoExA
GetActiveWindow
GetWindow
ReleaseDC
GetFocus
InvalidateRect
ShowWindow
IsIconic
ReleaseDC
CloseWindow
GetWindowTextA
ValidateRect
GetForegroundWindow
RegisterClassA
IsWindowVisible

shell32

SHChangeNotify
SHGetFolderPathA
SHGetFileInfoA
SHBrowseForFolderA
SHCreateShellItem

ntdsapi

DsBindA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 888KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ