2dd9cdf9ab8147edecea48867d6a47bd_JaffaCakes118 | Triage

Sharing

General

Target

2dd9cdf9ab8147edecea48867d6a47bd_JaffaCakes118
Size

72KB
MD5

2dd9cdf9ab8147edecea48867d6a47bd
SHA1

d2bee192ef8b40bddf19855b6db0e889c54c553f
SHA256

3b940b26e41fdebdfde40c3f46bfcb57055dd49c8249e85dc94a713e8a5d53bb
SHA512

afbd9d70d34771eb0d3b836ba475ff7ca3b5d103491925dc9843d0d2080e663f98e4ce14c5b825caa0392999cd5689ab6fb82de1bdfd4ccd9dd948fdd3a58c54
SSDEEP

1536:CDAi9b1ASVZaEOD8WMt1xWjtp+aoj7CoUvLp+KxB:y1VtOD7u1UoPTCdx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dd9cdf9ab8147edecea48867d6a47bd_JaffaCakes118

Files

2dd9cdf9ab8147edecea48867d6a47bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

07f6e602004087d0fcbc83078a77e038

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetFileSize
SetFilePointer
SetThreadPriority
SetWaitableTimer
GetModuleFileNameW
GetLogicalDrives
FindFirstChangeNotificationW
GlobalDeleteAtom
FreeLibrary
WritePrivateProfileStringW
GetCurrentThreadId
ResetEvent
DuplicateHandle
GlobalUnlock
LoadLibraryW
WaitForMultipleObjects
FindClose
GetProcAddress
GetSystemTime
LockResource
WideCharToMultiByte

user32

SystemParametersInfoW
DefWindowProcW
SetDlgItemTextW
VkKeyScanW
InvalidateRect
CreatePopupMenu
SendDlgItemMessageW
SetCursor
DispatchMessageW
SetCursorPos
LoadBitmapW
LoadImageW
GetWindowTextW
GetClassNameW
SetWindowPos
SetCapture
GetCursorPos
OffsetRect
EndDialog
TranslateMessage
DestroyIcon

gdi32

Rectangle
DPtoLP
SetDIBits
CreateBitmap
SetBkMode
DeleteObject

advapi32

RegOpenKeyExW
LookupAccountSidW

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE