2f817337ec8b5b094fffe55dd03be2b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f817337ec8b5b094fffe55dd03be2b6_JaffaCakes118
Size

317KB
MD5

2f817337ec8b5b094fffe55dd03be2b6
SHA1

144e091daa11ae3f6251d290a76e7e0f82f0f136
SHA256

19b2bf48567ae6eaaa2027fdb77a8dbb71ecdaf04c2dacb41a8ed062825a87f2
SHA512

4efa72a01271d12f8fda259170c2b1c47d567c1c321f64550cebdfae8e415e7277185496bec940aa403208dff08a03f2e337c8f7ea13317b53e5536fdb4415ba
SSDEEP

6144:L+BSeC/4nXA13lwjbjHMGcnr6hDLCF1bzzFD5BrOSMInBOwUsD1N:L+VnX5Hrlcnr6hDLstzzYSMaBOwUsRN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f817337ec8b5b094fffe55dd03be2b6_JaffaCakes118

Files

2f817337ec8b5b094fffe55dd03be2b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9999b661122249c278f15d2921a55cda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadCodePtr
GetStdHandle
VirtualProtect
CloseHandle
DeleteAtom
RaiseException
GlobalUnlock
lstrcpyA
FreeConsole
EnterCriticalSection
GlobalFree
GlobalAddAtomA
GetOEMCP
LoadResource
LoadLibraryExA
LocalFree
WriteProfileStringA
SetConsolePalette
HeapCreate
GetLastError
GlobalAddAtomA

user32

GetForegroundWindow
ValidateRect
GetDC
GetParent
GetClassInfoExA
GetActiveWindow
BeginPaint
GetFocus
IsIconic
GetClassNameA
GetWindowTextA
EndPaint
ShowWindow
GetWindowTextLengthA
ReleaseDC
CloseWindow
GetWindow
DrawEdge
AlignRects

mprapi

MprAdminUserRead
MprAdminUserGetInfo
MprAdminUserClose
MprAdminUserOpen
MprAdminUserWrite

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ