2d50182862c8805f1a6f7dc2b70e8291_JaffaCakes118 | Triage

Sharing

General

Target

2d50182862c8805f1a6f7dc2b70e8291_JaffaCakes118
Size

310KB
MD5

2d50182862c8805f1a6f7dc2b70e8291
SHA1

896879024b635f8608a4274a63f3c677c1cc0aa8
SHA256

c80337e0b02f96e0f77f157bad962df7ef6ca393b8c8b129425c0ebe55d07bc5
SHA512

4eb7de747d9e97404d20ed8b46f5e582b08f7232154db294dc4f7c289a6750ea38bd7d4fd9a23fd6bd3f5053db6afdfff70ba2fc471d1189ea66d9a57e289985
SSDEEP

6144:Te5KMTNzzfnZNMcWB4/AYOP4gvgpIyrHbrVZlfJ73dFWylPGFcr8:TMNnTW4/AXPMpzx5lPecY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d50182862c8805f1a6f7dc2b70e8291_JaffaCakes118

Files

2d50182862c8805f1a6f7dc2b70e8291_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57f9835f33f1c59acf865df93eda1ae9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
GetLocaleInfoA
SetEvent
InterlockedExchange
VirtualProtect
GetCurrentProcessId
HeapCreate
OpenMutexA
GetCommandLineA
RaiseException
GlobalFree
IsDebuggerPresent
GetStdHandle
FreeEnvironmentStringsA
ReadConsoleA
FlushFileBuffers
GetSystemDirectoryA
GetModuleHandleA
GetACP
GetCompressedFileSizeA
GetCurrentProcess

user32

DrawTextA
FillRect
FrameRect
ReleaseDC
SetForegroundWindow
ValidateRgn
GetFocus
GetParent
GetClassNameA
GetCursorPos
SetActiveWindow
GetWindowTextA
GetWindow
wsprintfA
IsIconic
ShowWindow
BeginPaint
EndPaint
GetDlgItem

linkinfo

IsValidLinkInfo
GetLinkInfoData
CreateLinkInfoA
DestroyLinkInfo
ResolveLinkInfoA

rtutils

LogErrorA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ