2d836060121acfe922d78960556f7f7a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d836060121acfe922d78960556f7f7a_JaffaCakes118
Size

31KB
MD5

2d836060121acfe922d78960556f7f7a
SHA1

b6136020e10e58bce4c1e31c68aaa697822d124b
SHA256

9331208d5293f5dfc0de7998175d26f277dc7669775f8fe0599cf65871cbebe6
SHA512

a8c8e60519c3c8baff56179101be4125860df22307999507304596a95c3b9113f6cd1fd0833e32317f474d2f475ec43be23c9366fef662f0bae972eb95489fb9
SSDEEP

384:nsrXYAdi2W7puT6uYJXKqiSH5RrJ8FftRgfHVNa9IBFaIR0UJnU:W5di2f6uMli25tJFfHcSx0UJnU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d836060121acfe922d78960556f7f7a_JaffaCakes118

Files

2d836060121acfe922d78960556f7f7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1a5ab241c455a2c04545bff7133b97e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
GetModuleHandleW
VirtualAlloc
GetCurrentProcess
IsDBCSLeadByte
TlsSetValue
TlsFree
GetCurrentThreadId
GetDriveTypeW
GetSystemDefaultLangID
GetCurrentProcessId
GetModuleFileNameA
lstrcatA
FreeLibrary
TlsAlloc
GetACP
GetCurrentThread
GetSystemDefaultLCID
GetCommandLineA
TlsGetValue
GetLogicalDrives

user32

GetWindowDC
IsWindowVisible
GetWindowTextLengthA
GetSystemMetrics
ShowWindow
CreateWindowExA
GetDC
GetForegroundWindow
RegisterClassA
GetWindow
GetWindowLongA
GetActiveWindow
IsIconic
GetClassLongA
UpdateWindow
ReleaseDC
BeginPaint
GetWindowTextA
GetFocus

gdi32

SelectObject
SetTextColor
SetBkMode
GetObjectA
GetStockObject
DeleteObject

uxtheme

GetCurrentThemeName
EnableTheming
DrawThemeText
DrawThemeIcon

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE