2f36a7cb4651b4aa0496a19e29a0263e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f36a7cb4651b4aa0496a19e29a0263e_JaffaCakes118
Size

86KB
MD5

2f36a7cb4651b4aa0496a19e29a0263e
SHA1

2269537443203fd0c9115fcbf3eeaaa9487c4e23
SHA256

131f4c5621c13d38be68ebd7ff7fd68601f525b229aef3e850ae0bfaa85b12b0
SHA512

6d803311236e7b2c973a53560a045c391bcb6e2ca75104741a4b16519a2daf1737f1abc488b893429b745211d77ea5d9522b368ae777180c119bc16bdb52c36e
SSDEEP

1536:UhDPlLoY/23RKDHGU/VKQZ9r+EaSzQEE0KvA2mRhspdzItw/0kKeVrp:dYOEDmUEQZ9r+EaSzuvA2EWdzbKWp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f36a7cb4651b4aa0496a19e29a0263e_JaffaCakes118

Files

2f36a7cb4651b4aa0496a19e29a0263e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d5416b819e9ad13ab12964674e30d80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
DeleteFileA
CreateMutexA
ExitProcess
SetFilePointer
CloseHandle
HeapReAlloc
GetComputerNameA
GetVolumeInformationA
GetProcessHeap
GetModuleFileNameA
GetLastError
CreateFileA
HeapFree
IsBadReadPtr
GetCurrentProcess

ole32

CoUninitialize
CoTaskMemAlloc

user32

SetWindowLongA
GetWindowLongA
TranslateMessage
DispatchMessageA
PostQuitMessage
GetSystemMetrics
DefWindowProcA
CreateWindowExA
LoadIconA
DestroyWindow

oleaut32

SysFreeString
SysAllocString

advapi32

RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ