2f864fa50462a7f36c214e1a7fcf9e24_JaffaCakes118 | Triage

Sharing

General

Target

2f864fa50462a7f36c214e1a7fcf9e24_JaffaCakes118
Size

132KB
MD5

2f864fa50462a7f36c214e1a7fcf9e24
SHA1

9d2904bf946d00da3c499730361f4747c8b8c4a6
SHA256

8fe3f218da66d86cefe1631e998dd27450b895dd7ed367df5574f9f141d0bf27
SHA512

ae774f3a23b139bdac1242ce1725c3d86f35851ea0d3546f22f1f42fa138366cf38d36dca8ce8fab98456eb5d22492c3d4e15ad8ec805dfad4b14881fc311271
SSDEEP

3072:1cuGIpoJ2i8oxHDl9OxQPHlbrOEWSzCWC:1cwo0i8oxjl9prOEWSz8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f864fa50462a7f36c214e1a7fcf9e24_JaffaCakes118

Files

2f864fa50462a7f36c214e1a7fcf9e24_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57d4fbf5e23d5255522fdf6a06c0cf16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FindResourceW
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
IsDebuggerPresent
LoadLibraryA
VirtualAlloc
VirtualFree

user32

DestroyMenu
DestroyWindow
EndDialog
GetDlgItem
GetSysColor
IsWindowVisible
LoadBitmapA
ScreenToClient
SetWindowTextA
SystemParametersInfoA
UnregisterClassA

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
ExcludeClipRect
GetBitmapBits
GetCurrentPositionEx
GetEnhMetaFileHeader
GetTextMetricsA
LineTo
Rectangle
RestoreDC
SetViewportOrgEx

shell32

DragQueryFile
DragQueryPoint
SHAppBarMessage
SHCreateDirectoryExW
SHFileOperationA
SHGetDesktopFolder
ShellExecuteExA

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ