2ec215b909547446c6bd977a4f450a1b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ec215b909547446c6bd977a4f450a1b_JaffaCakes118
Size

213KB
MD5

2ec215b909547446c6bd977a4f450a1b
SHA1

1f81ccde38a7544ceb931af76f0bc0c5e0ed9628
SHA256

a595a0869962afb2edda7b81e42da164547c30583baa3f92d47fd696514e2db3
SHA512

477e3911fdd76d308259e3b72e4bcff19930c21d58ac0f32fc27d65bb587c648432ccf57c923c04040a69c418bbd72dad147053416c765a5d584220342f4b9ee
SSDEEP

3072:HnXKIkulZPSM2rIxJBs0AeEyX8wZvq+z6wlBXcp/UBzxVlEuANwS2IQRSv13yW:HnXUYAeE9wZvx5YwlVuuWic1f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ec215b909547446c6bd977a4f450a1b_JaffaCakes118

Files

2ec215b909547446c6bd977a4f450a1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d7f377cd8d69a8c3a319708988ccd456

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExA
DestroyCursor
EnableWindow
FindWindowA
GetDCEx
MessageBeep
RemoveMenu
SetScrollInfo
ShowWindow
UnregisterClassA

gdi32

Arc
CreateDIBPatternBrushPt
CreateEnhMetaFileA
CreateHatchBrush
EnumEnhMetaFile
EnumMetaFile
GdiFlush
GetClipBox
GetPixel
MaskBlt
MoveToEx
PlayMetaFile
Polygon
PtVisible
ScaleWindowExtEx
SetDIBits
SetStretchBltMode

kernel32

CloseHandle
DeleteCriticalSection
FormatMessageA
GetCommandLineA
GetCurrentDirectoryA
GetFileAttributesW
GetFileSize
GetModuleFileNameA
GetModuleFileNameW
GetStartupInfoA
GlobalAddAtomA
HeapCreate
IsBadWritePtr
IsValidCodePage
OutputDebugStringA
RemoveDirectoryA
SetErrorMode
SetEvent
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
TlsAlloc

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ