2ed26ab0d6fe202a19d0e327d7fba8fe_JaffaCakes118 | Triage

Sharing

General

Target

2ed26ab0d6fe202a19d0e327d7fba8fe_JaffaCakes118
Size

639KB
MD5

2ed26ab0d6fe202a19d0e327d7fba8fe
SHA1

33c8e27c2f536933fcec98002f00edadc45fe692
SHA256

17bd296e1e548338209e27bb80f5a679dd88915022ce8d96363930ed71e431d0
SHA512

d834cac0157d6ea96c7e0c3908c26391d26b6a20122aa15d301d642a7818d56b7023b8d7473386d280deb2f43f2b28577883ac1cf0571c82a2f5a9f441592689
SSDEEP

12288:oiaWbWxrYcOgLAxB7iX/IH2wfR9e3nOLdypJPONcgyvK9aLP1d9//h:oUCduvxB7ivwjfR96nHpJPJQaLv9/Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ed26ab0d6fe202a19d0e327d7fba8fe_JaffaCakes118

Files

2ed26ab0d6fe202a19d0e327d7fba8fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24de2a1d183186eeb16ece22c3bbf32b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GetVersion
GetTickCount
WaitForSingleObject
LocalSize
GetAtomNameA
CompareFileTime
GetCommandLineA
CloseHandle
WaitForMultipleObjects
SuspendThread
lstrlenA
GetModuleHandleA
InterlockedExchange
LoadLibraryExA
HeapCreate
GetConsoleDisplayMode
GlobalUnlock
GetSystemDefaultLangID
VirtualProtect
HeapReAlloc

gdi32

Ellipse
EngLineTo
EqualRgn
FloodFill
BeginPath
CreateFontA
DeleteObject
GetStringBitmapA
Escape
GetMetaRgn
DeleteDC
GetMetaFileA
GetFontData
AbortPath
GetTextColor
GetRgnBox
EndPath
CreateICA
CreatePalette

rastapi

DeviceConnect
PortClose
AddPorts
DeviceDone
DeviceListen

dhcpsapi

DhcpAddServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE