2f1f305e2a21d3edc7b817266c65c039_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f1f305e2a21d3edc7b817266c65c039_JaffaCakes118
Size

27KB
MD5

2f1f305e2a21d3edc7b817266c65c039
SHA1

49d1e0913a38be7cf45f7180ef0a584f2b4ece39
SHA256

4d3d87424f68792261ac4e24168136762a7a23b9d5099a443ae3767860fa987a
SHA512

dc655bffc5c440cae030d0d6482f23a86fe78e00d578892c09d1ce6a3887462ea53eea34ac181717cf78910037609b9c367ffa68a72ff48f7dafb79479eeef37
SSDEEP

384:2zNKWM86+u+M9B7UTw6AlT+WymHDBEh4Ci6AGtRoBMm:KN5LOB7UTyiWyMCi6AGt2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f1f305e2a21d3edc7b817266c65c039_JaffaCakes118

Files

2f1f305e2a21d3edc7b817266c65c039_JaffaCakes118
.exe windows:4 windows x86 arch:x86

20cb4995c155b659f8d99a5658ca7da2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
GetModuleHandleA
Sleep
GlobalAlloc
lstrlenA
GetLastError
lstrcatA
GetFileSize
GlobalFree
CreateEventA
GetTickCount
LocalAlloc
lstrcpyA
FreeLibrary
LocalFree

user32

DestroyWindow
BeginPaint
DefWindowProcA
GetMessageA
ShowWindow
GetSysColor
GetClientRect
EndPaint
MessageBoxA
SetWindowTextA

msvcrt

__set_app_type
exit
_initterm
rand
_except_handler3
__p__fmode
__p__commode
__getmainargs
wcschr
_adjust_fdiv
__CxxFrameHandler
toupper
_controlfp
wcstoul

gdi32

SetBkMode
GetTextColor
CreateFontIndirectA
CreateCompatibleDC
SelectObject
MoveToEx
GetPixel
CreateSolidBrush
SetPixel
DeleteObject
BitBlt
PatBlt

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ