2e92356d9101cda0eb2ae2541ad46463_JaffaCakes118 | Triage

Sharing

General

Target

2e92356d9101cda0eb2ae2541ad46463_JaffaCakes118
Size

328KB
MD5

2e92356d9101cda0eb2ae2541ad46463
SHA1

d6c2394bda99082b3ee6eae024e92fcb8a47b3ea
SHA256

a7206df5b9cb5af769af5a3fab98fc0d55eb836bfe77d4ae74ab11ce9c2ba2ab
SHA512

06e3e19b5f265a8923df0c602220ec50146fd47856fd8e299d5635f947ab035b08183de79d5bb8efd5a6b8a83bc600969ebb60d34143c1f1063a78b1d51c79c9
SSDEEP

6144:/xVpBMDHXxy+CdFr/GJS0hGaMUXjyIU4Ozwp05M8:p7OD3wDjTGJZcatjQXzksM8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e92356d9101cda0eb2ae2541ad46463_JaffaCakes118

Files

2e92356d9101cda0eb2ae2541ad46463_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c4f5764b7045392125e285aebfef118

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
SetConsoleCP
SuspendThread
CompareFileTime
GetModuleHandleA
GetStdHandle
InterlockedExchange
HeapReAlloc
GetTickCount
SearchPathA
WaitForMultipleObjects
GlobalUnlock
lstrlenA
CloseHandle
GetConsoleCP
GetAtomNameA
GetSystemDefaultLangID
GetCommandLineA
HeapCreate
WaitForSingleObject
VirtualProtect

user32

SetWindowPos
CreateIcon
EnableScrollBar
SetScrollInfo
MessageBoxA
DispatchMessageA
GetDlgItem
DialogBoxParamA
DrawCaption
GetCursorInfo
GetKeyState
CreateCursor
DragObject
CreateMenu
GetKeyboardLayout
InsertMenuA
CopyImage
IsDialogMessage
FindWindowA
SetPropA
DestroyMenu
DispatchMessageA
InvertRect

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegCloseKey
RegCreateKeyExA
RegEnumKeyA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ