2fb3b5038fadd24c981180640e284638_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fb3b5038fadd24c981180640e284638_JaffaCakes118
Size

636KB
MD5

2fb3b5038fadd24c981180640e284638
SHA1

bc85f1c7877e0858abd24e5bf6a23502a6a6e111
SHA256

015d6d2a3a3e6d43c6f15b7af8124b9830c3f3182ce62d00ce50789535b01c81
SHA512

d8b89f89fcf97fb653121c9d0f768771c1a3f0576c6da3fb09203674421a9f1ba971f4a71b261ebd24d0e80f84fae6bd70bc5e8b65ae1954b85001bee63ad28c
SSDEEP

12288:4kxkB3WHQjD4JIVhFpDT0o63+wiaAslHUX5DeBEhpe6VGb5+cSABkz69:4RUwD4JSFpJ6OwiaXHUqEhQDbETABk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fb3b5038fadd24c981180640e284638_JaffaCakes118

Files

2fb3b5038fadd24c981180640e284638_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82ef61b460ae0e0be8e3d3eab5719c0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetConsoleCP
GetTickCount
SetConsoleCP
GlobalUnlock
VirtualProtect
WaitForSingleObject
GetVersion
SuspendThread
CloseHandle
lstrlenA
GetSystemDefaultLangID
CompareFileTime
GetModuleHandleA
LoadLibraryExA
HeapCreate
InterlockedExchange
WaitForMultipleObjects
GetCommandLineA
HeapReAlloc
GetAtomNameA

user32

GetKeyState
SetScrollInfo
CopyImage
DialogBoxParamA
CreateIcon
IsDialogMessage
InvertRect
CreateCursor
SetPropA
GetDlgItem
FillRect
InsertMenuA
DispatchMessageA
SetWindowPos
GetCursorInfo
GetKeyboardLayout
EnableScrollBar
DestroyMenu
DrawCaption
FindWindowA
CreateMenu
DragObject

advapi32

RegCreateKeyExA
RegCloseKey
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ