2f0b1ea1fd73b9e6b7e62681123e0963_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f0b1ea1fd73b9e6b7e62681123e0963_JaffaCakes118
Size

26KB
MD5

2f0b1ea1fd73b9e6b7e62681123e0963
SHA1

93f3d72ab53f7a39850275f377cbb9540dd324e4
SHA256

df786a195b919dfff2d84e3d2fe5a4d7cba0095b255feba950fb96c049c1cbf7
SHA512

fade2a7130a5005a0aeb7169271579a7fa63e89ab4ad08fc6223aef0068af7aa540837870c7b7f6592f95495849f5cfc4776eb6ff84ab661123edd8ff83d66c7
SSDEEP

384:cw9EiH2HoSevoSTcccccccccccccccccccccccccccccccccccccccccccccccc2:cSEiH2H9evoSWw7UTyiWyIClau1Vj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f0b1ea1fd73b9e6b7e62681123e0963_JaffaCakes118

Files

2f0b1ea1fd73b9e6b7e62681123e0963_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41839ae28a25d906c6855721fac4e208

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
GetModuleHandleA
CreateEventA
GlobalAlloc
GetCommandLineA
FreeLibrary
GlobalFree
GetFileSize
LocalAlloc
LocalFree
GetStdHandle
Sleep
GetLastError
GetStartupInfoA
GetTickCount
GetVersionExA
lstrcpyA
lstrlenA
lstrcatA

gdi32

BitBlt
SelectObject
GetStockObject
CreateSolidBrush
DeleteObject
GetTextExtentPoint32A
GetTextMetricsA
SetBkMode
CreateCompatibleDC
GetDeviceCaps
GetObjectA
PatBlt
GetTextColor
SetPixel
SetROP2
CreateFontIndirectA

msvcrt

_exit
__setusermatherr
_XcptFilter
_acmdln
exit
_c_exit
_initterm
__p__fmode
__CxxFrameHandler
__getmainargs
wcstoul
toupper
_controlfp
wcschr
_except_handler3
wcslen
memmove
rand

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ