2db34319f30a8912da587399d40b438f_JaffaCakes118 | Triage

Sharing

General

Target

2db34319f30a8912da587399d40b438f_JaffaCakes118
Size

85KB
MD5

2db34319f30a8912da587399d40b438f
SHA1

fdcf6bfb21709e892d2b8be3532057c19e0595ac
SHA256

1b9e33cc50e0017f1713f58bf531392159524d749cca81e86345254a03f7f7d7
SHA512

aafa59ffa799db2d38b2c3f894d88a6ddbd63cb77b1d517b1d9594ae5dc7b8f6be2a4398f974d70e6a856958c265140edffa21fb1d8bbf3a73740997753d28a0
SSDEEP

1536:oDaMxYnKd7/tKLwvSBTaWFxQBrIRLuF6dddagXW2R+Kc0M2x3y3WVO:aaMxtd7/t+BT3FuxKQ6l9G2UUV3y3WQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2db34319f30a8912da587399d40b438f_JaffaCakes118

Files

2db34319f30a8912da587399d40b438f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d0a1d0def86f0f2884cf6ae4903fbac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
SetCommTimeouts
CancelDeviceWakeupReq
ompact
ZeroMemory
ansactNamedPipe
lobalUnWire
EventActive
e
rtkeySize
itchToFiber
erNameExA
rmsrvAppInstallMode
ualProtect
UTUnRegister

r

eProfileStructA
ocalTime
erLanguageNameA
A
fileSectionW
cmp
ivateProfileStringA
leSectionW
rocess
ronmentVariableW
tProcessShutdownParameters
utdownParameters
SER32.dll
emMessageW
revW
tWindowTextA
ackPopupMenuEx

n
orLevel
tivateKeyboardLayout
ayout
WindowsHookA
Advise
ePalette
Menu
MenuWindowProcW
TabbedTextExtentW
xtentW
uffW
GDI32.dll
Layout
rtDC
ampExW
lInitialize
olygon
tAssocStatus
PaletteUse
tResourceExW
GetHFONT
bineTransform
diGetSpoolMessage
ge

Sections

.text
Size: 4KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE