2cd91ceb39cbb5f2bdf243a5c1bc2b8e_JaffaCakes118 | Triage

Sharing

General

Target

2cd91ceb39cbb5f2bdf243a5c1bc2b8e_JaffaCakes118
Size

53KB
MD5

2cd91ceb39cbb5f2bdf243a5c1bc2b8e
SHA1

2d9a5a560cc7ec016c56dec655950708feb61c94
SHA256

4c63e35eedd28cdae33aa35c582ed1a9422af4935daf1adde1ba8e017b9d4229
SHA512

aac8571675f1486f3fe22827090eec562aa657bdf90a60788f3e91c6fb5d90e3838057b4073ebd4c6814f538c7562a635f386ac478d7308c148938f6e4bf0040
SSDEEP

768:Lk4nwLDUtOAntM4wP/GHmy1B1sAMSL3rGfKnTielHbNLzr5e5KBqn6bSPh:Lk4uDUtJtALy1B1PR/eKnT5hbV/5eVj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cd91ceb39cbb5f2bdf243a5c1bc2b8e_JaffaCakes118

Files

2cd91ceb39cbb5f2bdf243a5c1bc2b8e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf57a6fe981b020386b13d86c6995668

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
DeleteCriticalSection
FindClose
GetACP
GetCPInfo
GetProcAddress
GetTickCount
GetVersion
HeapFree
MultiByteToWideChar
SetFilePointer
TlsGetValue
VirtualFree

user32

DefWindowProcA
EnableMenuItem
EnableWindow
EndPaint
GetClassInfoA
GetDlgItem
GetFocus
GetSystemMetrics
LoadBitmapA
PostMessageA
PostQuitMessage

gdi32

CreatePalette
CreatePen
DeleteDC
DeleteEnhMetaFile
GetDIBColorTable
GetEnhMetaFileHeader
GetTextExtentPointA
SetStretchBltMode

shell32

DragAcceptFiles
SHFileOperationW
SHGetDesktopFolder
SHGetFileInfoA
SHGetFolderPathA
SHGetMalloc
SHGetPathFromIDList
SHGetSpecialFolderPathA
ShellExecuteW
Shell_NotifyIconW

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 33KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE