2faf130f59e605d18f059c8174856841_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2faf130f59e605d18f059c8174856841_JaffaCakes118
Size

413KB
MD5

2faf130f59e605d18f059c8174856841
SHA1

eec58b33209303c1126953a8d83da3141bf6ef7e
SHA256

2c6e10e57d33ec8ff6d3a2382a4e1f524556b250b0e6ca1e80febfd881dfeb4f
SHA512

dfb389ad4b7b43d4e93a4f6b53a8ec1d5b6b507df1ad295f9591afbacf9bee856c3a8d8fe95e061d04d6f14e82cd31cf562abcc799aea2ad24acb16b07026133
SSDEEP

6144:CRGoNREtUzhIBhwrtKQeMixD10lqk3A+8sJSy91qBrXVXHMOXXNdgtCxdJS0:IW6bcOZ3AuwiqBrFpXXg0W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2faf130f59e605d18f059c8174856841_JaffaCakes118

Files

2faf130f59e605d18f059c8174856841_JaffaCakes118
.exe windows:4 windows x86 arch:x86

527431d13a5988e12355f65b6050ad6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateJobSet
GetVolumePathNameA
GetProfileIntA
EnumDateFormatsA
VirtualAlloc
ExitProcess
CloseHandle
FindAtomA
GlobalFree
CreateMailslotA
GlobalLock
GetUserDefaultLangID
EnterCriticalSection
GetProcessHeap
GetOEMCP
LocalHandle
GetProfileStringA
GlobalFlags
GetStdHandle
GetTapeStatus
GetModuleHandleA

user32

GetWindowTextA
GetFocus
ShowWindow
GetParent
ValidateRect
ReleaseDC
GetForegroundWindow
GetDC
RegisterClassA
GetWindow
DrawEdge
IsIconic
GetWindowTextLengthA
BeginPaint
GetActiveWindow
GetClassInfoExA
EndPaint
CloseWindow
GetClassNameA

gdi32

CreateDCA
CreateDIBitmap
ExtCreatePen
GetCharWidthA
GetColorSpace

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ