2ee930724d46cc011b3394b07599f800_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ee930724d46cc011b3394b07599f800_JaffaCakes118
Size

51KB
MD5

2ee930724d46cc011b3394b07599f800
SHA1

1cd7394e409c9a1e437b9b9729ede1d4745f8d9b
SHA256

3c4a14d1990d2d67e14c1238377c60367d32bd495397d010d4a478e56385ccfa
SHA512

f4e74e15ecbce94557c9b3a11aa6fc76a80758ee6f04b64ebdb17fa64cb21e10234f4ca8707c493060794ba100fd3086db615be61b7485dc064246a103b2c7c6
SSDEEP

768:x2y5LDWfalvrE/2csmzJJYB+oQIgAvx/VatnOD0dvG5THD7CYAlh3UUFaybyJW:HWGcZN/YB+oQqx/VmnTGND7zAv7Bbz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ee930724d46cc011b3394b07599f800_JaffaCakes118

Files

2ee930724d46cc011b3394b07599f800_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4161c86e575681354678e08f2251bc5e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeW
ClearCommError
DefineDosDeviceW
ExitProcess
PulseEvent
VirtualFreeEx
_lread
lstrcatA

user32

CharUpperA
ClipCursor
DdeGetData
DefFrameProcW
DialogBoxParamW
GetAsyncKeyState
GetWindowThreadProcessId
IsDialogMessageW
SetCapture
SetMessageQueue
SetParent
VkKeyScanW

shell32

CheckEscapesW
ExtractAssociatedIconW
FindExeDlgProc
SHAddToRecentDocs
SHGetDataFromIDListW
SHGetFileInfo
SHQueryRecycleBinW
SheGetCurDrive
SheGetDirW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE