2ca8b2f12a9994dcf36f79715f738ddc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ca8b2f12a9994dcf36f79715f738ddc_JaffaCakes118
Size

42KB
MD5

2ca8b2f12a9994dcf36f79715f738ddc
SHA1

34af9cbed984426b0b412c9e05c55c9d80a8577c
SHA256

555e85a19991e06f439331d9800b9f90fbc31bf5ff1d8c06c658df07bbb6ab20
SHA512

43b9a26dc87ef0b91bb1744cc5705241a372ad88ab20b82e464897b34610858b0e8b6f4707085b946d8ba1b78a7f86f93789075d5904dd33f4fa6f35915e9b3f
SSDEEP

768:36Esy4oMuVJ9UFAp5v32pk9M7dZOJZBCN2T328Ro9H/auPl6eQPF0WAB4:psH8OFA7K7dya2G4o9RP6PFbf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ca8b2f12a9994dcf36f79715f738ddc_JaffaCakes118

Files

2ca8b2f12a9994dcf36f79715f738ddc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a927e40423a382e7f99ea1a698a89863

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
HeapAlloc
GetProcessHeap
QueryPerformanceCounter
GetModuleHandleA
ExitProcess
CreateThread
InterlockedIncrement
InterlockedExchangeAdd
InterlockedDecrement
InterlockedExchange
GetCurrentProcess
GetTickCount
GetProcAddress

user32

GetMessageA
CreateWindowExA
RegisterClassExA
TranslateMessage
DispatchMessageA
DestroyWindow
DefWindowProcA
GetCursor
GetActiveWindow
FindWindowA

gdi32

GetBkColor
SetBitmapBits
GetObjectType
ResizePalette
CreateSolidBrush
SetGraphicsMode

Exports

Exports

?AJifoijfsc@@YAHHPADHH@Z
?AJifoijfsh@@YAHHPADHH@Z
?AJifoijfsi@@YAHHPADHH@Z
?AJifoijfsm@@YAHHPADHH@Z
?AJifoijfso@@YAHHPADHH@Z

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ