2faf631d8793c50b86cb5858edf6bf4f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2faf631d8793c50b86cb5858edf6bf4f_JaffaCakes118
Size

808KB
MD5

2faf631d8793c50b86cb5858edf6bf4f
SHA1

3cfb293e4bd332a00cb37c370d84d3dbf0d9da98
SHA256

6444dba012a7898bb3f6ac8fea2af499af61e4516233b31b3a979ed7af9e974f
SHA512

28e0bc26b6092dfb4728c818ee6c965765643f8c86daddb58e1d60ebd7f986bf0830de8115c9dbcf6b04fc69a2c51c51a302ecb5e4863816a06da134865da4d1
SSDEEP

24576:+LVHsKKE5kyej2L6KbkZpTM4R3+yy6sS:+xMK9qBj4bagKOyL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2faf631d8793c50b86cb5858edf6bf4f_JaffaCakes118

Files

2faf631d8793c50b86cb5858edf6bf4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c1c98f37cfa8612a0820890c0b257fd6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
ResetEvent
CloseHandle
InterlockedExchange
CreateThread
GetMailslotInfo
FreeConsole
GlobalFree
GetPrivateProfileIntW
lstrlenA
LocalFree
LocalSize
ReadFile
GetModuleHandleW
FindVolumeClose
GetDriveTypeW
CreateFileW
GetExitCodeProcess
ReleaseMutex
VirtualAlloc

user32

GetCursorInfo
GetClassInfoA
DispatchMessageA
SetFocus
DrawStateW
CallWindowProcW
GetClientRect
IsIconic
GetSysColor
GetDlgItem
CreateWindowExA
EndDialog
GetKeyboardType

dsprop

CheckADsError
CheckADsError
ReportError
CheckADsError
CheckADsError

desk.cpl

InstallScreenSaverW

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 798KB - Virtual size: 798KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ