2f74ea7f305f9c3e17a3e5fdf2584670_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f74ea7f305f9c3e17a3e5fdf2584670_JaffaCakes118
Size

815KB
MD5

2f74ea7f305f9c3e17a3e5fdf2584670
SHA1

80cdc9066144c7ea209223d8608a8507cf5a7cd9
SHA256

5c42ecef36eb8f15ec423cc864ab8ae6ec769761303ad05ef38ea42619bc7a7c
SHA512

c41b9720cba01a68c06dbd3f4d7883ecec96bb8a5ce912cbd4161b43f09d5287d710dd3e83a8f190cd8eecb8e2e3549668c72a8f74d2bae0479990d86bd6ba4a
SSDEEP

12288:CnjLQnzoP38xFjU2wMesSer0F2TC78q0fPBJgj+w5lPvqFqdkfb/b3XllGHnZ:Cq5I2+Jer0F2TCoq0XBJPFDPXXqZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f74ea7f305f9c3e17a3e5fdf2584670_JaffaCakes118

Files

2f74ea7f305f9c3e17a3e5fdf2584670_JaffaCakes118
.exe windows:4 windows x86 arch:x86

62835fc68adeb6df2d5742486bf8ce3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GlobalLock
GetFullPathNameA
CreateFileA
GetACP
GetLastError
TlsFree
CreateEventA
LocalFree
IsDebuggerPresent
LoadLibraryExA
GetConsoleCP
GetStdHandle
FindClose
LocalUnlock
CreateFileMappingA
CloseHandle
IsBadReadPtr
HeapCreate
FreeEnvironmentStringsA

user32

EmptyClipboard
SetFocus
GetIconInfo
EndDialog
GetMessageA
DefWindowProcA
DispatchMessageA
ScrollWindow
PostMessageA
GetDC
CreateDialogParamA
GetDlgItem
IsWindow
DrawIconEx

uxtheme

EnableTheming
CloseThemeData
GetThemeColor
GetThemeMetric
DrawThemeIcon

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ