2e64adee5df695ac3728aebf1d7cfeba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e64adee5df695ac3728aebf1d7cfeba_JaffaCakes118
Size

328KB
MD5

2e64adee5df695ac3728aebf1d7cfeba
SHA1

09a7d5c6e9e539efc8f7a0d623a190de587698ce
SHA256

98b6fdc212ed6d817714241bc8d8481244b463f782a36e246becabcaa9f4f61b
SHA512

2beefde8344cdd4595c7b241231151ee1ac6956d51f85573ae7c836215c530e9b18c5291033da8b4f961a974810b5a4b3bac74dd81d10855f74ff8dd91ffe676
SSDEEP

6144:eXF40QZhED4ZrfWEqfdoQxkibpPz/S75mdFqASxZJeh/wJY8WoONCdT:sa3hED4ZrfPqfdoQeibluwqBhe/w5rT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e64adee5df695ac3728aebf1d7cfeba_JaffaCakes118

Files

2e64adee5df695ac3728aebf1d7cfeba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa395f6c7568d5d2c57f68ccbd215a96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetProfileIntA
GetStdHandle
GetTickCount
GetConsoleCP
WaitForSingleObject
GetVersion
LoadLibraryExA
WaitForMultipleObjects
lstrlenA
HeapReAlloc
GetModuleHandleA
SuspendThread
InterlockedExchange
CompareFileTime
GetCommandLineA
GetSystemDefaultLangID
GlobalUnlock
HeapCreate
AddAtomA
VirtualProtect

user32

InsertMenuA
InvertRect
CreateCursor
GetKeyState
DrawCaption
DialogBoxParamA
CreateCaret
MessageBoxA
CopyImage
CreateIcon
FindWindowA
SetScrollInfo
DragObject
GetKeyboardLayout
DispatchMessageA
CopyRect
SetWindowPos
IsDialogMessage
SetPropA
GetCursorInfo
DestroyMenu
EnableScrollBar
GetDlgItem
CreateMenu

advapi32

RegCreateKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegCloseKey
RegEnumKeyA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ