2fc6c0e6795fbbe2afdb5d1a3192fa28_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fc6c0e6795fbbe2afdb5d1a3192fa28_JaffaCakes118
Size

18KB
MD5

2fc6c0e6795fbbe2afdb5d1a3192fa28
SHA1

dccaa64e2ee460667ac00ff87e96e5c71ca2e54a
SHA256

bf9c4ef9e9c8705620ae43d87e476fa122b6d19ba7fcda252d47b6dbb86eb6d7
SHA512

9a012e8a550537cd39c89777ee51c233738c9285a6ea2870e4afe6eb1bde9fb086418a524ff1e741ca09671d3c50eef98c8fdc6786d17e2c6d48761057f4b8dd
SSDEEP

192:6zHhYRlBVi+QHnJyPep7343vE26/hp/6RtI5uTh8ZMf24oH7s61NI:/ipoPJv96ZpyS8njFJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fc6c0e6795fbbe2afdb5d1a3192fa28_JaffaCakes118

Files

2fc6c0e6795fbbe2afdb5d1a3192fa28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff81ff2327b3064db6805b2666c553e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
HeapReAlloc
GetModuleHandleA
GetSystemDefaultLangID
CompareFileTime
GetConsoleCP
WaitForMultipleObjects
GetAtomNameA
InterlockedExchange
CloseHandle
GetStdHandle
GlobalUnlock
LoadLibraryExA
HeapCreate
lstrlenA
VirtualProtect
GetCommandLineA
SetConsoleCP
GetTickCount
GetVersion
WaitForSingleObject

user32

FindWindowA
GetKeyboardLayout
SetScrollInfo
InvertRect
GetKeyState
DrawCaption
InsertMenuA
CreateMenu
GetDlgItem
DragDetect
GetCursorInfo
DestroyMenu
DialogBoxParamA
DispatchMessageA
FillRect
IsDialogMessage
SetWindowPos
SetPropA
CreateIcon
DragObject

winmm

auxGetVolume
auxSetVolume
CloseDriver
PlaySoundA
OpenDriver

version

VerQueryValueA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ