2cdb8999cd0563815e64d95209509183_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2cdb8999cd0563815e64d95209509183_JaffaCakes118
Size

135KB
MD5

2cdb8999cd0563815e64d95209509183
SHA1

3a87ea5beb86cfdd48a33d307acda0bc2f47c3b1
SHA256

33d5d46bf7b00db8e7fde308248c948fef0bc74a36eca98fcc507c0690a9c172
SHA512

ca3d8d72fe42a9ffe0179561dc66869543bffbecce9afe7e7f26b77a20eb9a8658cff763df349333a92d89ee9eb6ce24e30513110bc2f7516f03e2c9497be753
SSDEEP

1536:fqA9f98FFwDWAobh582cFmQUIPKcYdoW/7acVDWG0ccBtq6SRvGS49/EKxNHlRiK:f1f9Ow8bT8V0oWDawyGt0vsGSu3jHm0z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cdb8999cd0563815e64d95209509183_JaffaCakes118

Files

2cdb8999cd0563815e64d95209509183_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a41002fac4557098f6498e28bbcb9f44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FileTimeToLocalFileTime
FindFirstFileA
GetConsoleOutputCP
GetExitCodeProcess
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStringTypeExA
HeapDestroy
InterlockedIncrement
IsDebuggerPresent
LCMapStringA
LoadLibraryA
SetEvent
SetLastError
VirtualAlloc
VirtualFree

user32

CharNextA
DispatchMessageA
GetDC
GetDlgItem
GetSubMenu
PeekMessageA
PostMessageA
ScreenToClient
SetWindowLongA
ShowWindow
UpdateWindow

gdi32

CreateBitmap
GetDIBColorTable
GetPixel
GetStockObject
MoveToEx
PatBlt
SelectObject

shell32

CommandLineToArgvW
DragQueryPoint
ExtractIconExA
FindExecutableW
SHAddToRecentDocs
SHChangeNotify
SHCreateDirectoryExW
SHFileOperationW
SHGetFileInfoA
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathW
SHGetPathFromIDListW
ShellExecuteExW

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ