2db8a422f8f4e36a8f86fe7f983ee85c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2db8a422f8f4e36a8f86fe7f983ee85c_JaffaCakes118
Size

175KB
MD5

2db8a422f8f4e36a8f86fe7f983ee85c
SHA1

d0486f7562c69abb6bccaa089c83dac6284263fa
SHA256

c6c62f43c852d5a114b555507f89441c8539cae2448854cec85228b1af339e8e
SHA512

571321c3e49fa0c1adfdfce59e8203dfa6d65ea12d9f8107818f436f717b4e0b38d1be0a97bb731d411b6aca7b243b58368525bfe8cf5a1d48a286f0c9c0aec1
SSDEEP

3072:rrknrxCvhFS4Q0pCAIS73DzteyLOETAPEbkcyNCymr+0Wbt0q57Toy:Urwhw4Qd3C3DTLOEnxsl0q5Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2db8a422f8f4e36a8f86fe7f983ee85c_JaffaCakes118

Files

2db8a422f8f4e36a8f86fe7f983ee85c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a92fa31ef8294968d6e50f6b5081784f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

CharNextW
TranslateMessage
CharUpperW
SetTimer
DispatchMessageW
KillTimer
SendMessageA
GetMessageW
PostThreadMessageW
GetDC
wsprintfW
UnregisterClassA

kernel32

lstrcpyA
MultiByteToWideChar
WideCharToMultiByte
lstrcpyW
LockResource
GetCPInfo
GetProcessAffinityMask
InitializeCriticalSection
lstrcpyA
lstrlenW
EnumResourceNamesW
GetACP
FindClose
lstrcmpiW
GlobalFree
OutputDebugStringW
GetTickCount
FreeEnvironmentStringsW
GlobalAlloc
GetLastError
GetModuleHandleW

shlwapi

PathCombineW
PathFileExistsW

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoUninitialize
CoTaskMemFree
CoInitialize
StringFromGUID2
CoRevokeClassObject
CoTaskMemRealloc
CoCreateInstance
CoRegisterClassObject
CoTaskMemAlloc
StringFromCLSID

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ