2ee180ea2fda497bb7695aff105cd4ae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ee180ea2fda497bb7695aff105cd4ae_JaffaCakes118
Size

417KB
MD5

2ee180ea2fda497bb7695aff105cd4ae
SHA1

79b87331b68af8fb5563155b045d1c79d6bd70f0
SHA256

171a330aecf38e883736a83f8adef309c14e9df96c2a0d58729171b8bc53aea6
SHA512

dda1a7f56a58e33217876201840ccf25a825234bc6acad6ae9e0b5d65f073f259531b509f57adf1a3f130ac67eb865103c1164b47bf61486298e979c4a6edf1f
SSDEEP

6144:x4f5pjA6EstDkoCDuG6K4nY+zIZJz5GyCY6ootoA4t/T4RgU:8A6ESDkoUuBfqR50YPot3e/Tg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ee180ea2fda497bb7695aff105cd4ae_JaffaCakes118

Files

2ee180ea2fda497bb7695aff105cd4ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

329d8aacfd76bfaebca791d544fb35b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
ExitThread
GlobalLock
GetStdHandle
GetProfileStringA
GlobalAddAtomA
LocalSize
RaiseException
GlobalCompact
EnterCriticalSection
SetCommBreak
DeleteAtom
GetCommState
GlobalFindAtomA
LoadLibraryExA
LoadResource
GetOEMCP
GlobalFree
lstrcpyn
VirtualAlloc
CloseHandle

user32

GetWindowTextLengthA
IsIconic
GetDC
DrawEdge
GetActiveWindow
AlignRects
GetForegroundWindow
GetWindow
EndPaint
ValidateRect
GetClassNameA
GetFocus
ReleaseDC
BeginPaint
CloseWindow
GetParent
GetWindowTextA
GetClassInfoExA
ShowWindow

wsock32

WSACleanup
WSASetBlockingHook
WSAAsyncGetServByPort
WSAStartup
WSAGetLastError

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ