2da00c02dfad28ff12721d1888e7febe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2da00c02dfad28ff12721d1888e7febe_JaffaCakes118
Size

10KB
MD5

2da00c02dfad28ff12721d1888e7febe
SHA1

07f1f33d34b4dcbf2dc3634d22b2f182446d77d0
SHA256

fd3852e09634837c2558c7660dcaed00f3b1c6d5628f685afc145bbaa7585b62
SHA512

a5927bb09b78306b169f4d304bb9fa3bdd1282219e99eefd5e29f3adca41d25c693c8eb485a5317a5715982a5e88fec3d9122caefff5b35740a25cae5181543e
SSDEEP

96:74I9bT6T/1vL9xJDmWSvsbgtaDlMny3Tjdrrh8HIilJOQGJ6UgxzCyJ:74Itw7JyBsbgtaDlac5rh8FOXq9h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2da00c02dfad28ff12721d1888e7febe_JaffaCakes118

Files

2da00c02dfad28ff12721d1888e7febe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

38112997217735b92c185fa4a57df361

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
CreateDirectoryA
GetModuleHandleA
ExitProcess
DeleteFileA

user32

EnableWindow
GetWindowTextA
DefDlgProcA
DestroyWindow
PostQuitMessage
LoadIconA
RegisterClassA
CreateDialogParamA
SetWindowTextA
GetDlgItem
SetDlgItemTextA
SendMessageA
GetWindowLongA
SetWindowLongA
ShowWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
CallWindowProcA
MessageBoxA

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyExA
RegCreateKeyA
RegEnumKeyA

msvcrt

_isctype
_pctype
__mb_cur_max
strncat
rename
fclose
fputs
fgets
fopen
strncpy

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ