2fc3938e7c3a626b209d0c859e4736f2_JaffaCakes118 | Triage

Sharing

General

Target

2fc3938e7c3a626b209d0c859e4736f2_JaffaCakes118
Size

327KB
MD5

2fc3938e7c3a626b209d0c859e4736f2
SHA1

8bcd45d85ed8ed2a105952f1677673e711adf63b
SHA256

68518254186ecfa86797c7ee18425cada7b24da2c03f029a04fecff55419c1ae
SHA512

998b88d5a53826d9841a3ab1845e47544acdd27595a388a4ef86bf0705a5d90cd98bbbd9c51c2001f40e1d834f2ed653e4f6d69b3eeb92f44182d91e9e23fa9d
SSDEEP

6144:g7QnQKYfebCvP87yYJKKgBlLxYFFCMoi2AyCfFQ:gyQLfebCvPcyhBtxY7Gi2Ay

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fc3938e7c3a626b209d0c859e4736f2_JaffaCakes118

Files

2fc3938e7c3a626b209d0c859e4736f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e90a7f8cef2ae29abf631e5373c6a967

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceTypesA
VirtualProtect
PulseEvent
GetDateFormatA
GetModuleHandleA
IsBadReadPtr
Sleep
CloseHandle
FindClose
SetLastError
FreeConsole
LocalFree
LoadLibraryExW
GetDiskFreeSpaceExA
IsBadCodePtr
GetCommandLineA
GetDriveTypeW
DeleteCriticalSection
GetLastError
TlsGetValue

advapi32

RegCloseKey
CloseTrace
IsValidSid
FreeSid
OpenEventLogA
LsaFreeMemory
LsaClose
RegLoadKeyA
CloseEventLog
RegCreateKeyExA
LsaSetSecret
GetFileSecurityA
AccessCheck
RegCloseKey

uxtheme

GetThemeBool
DrawThemeText
DrawThemeIcon
GetThemeColor
CloseThemeData

Sections

.text
Size: 3KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ