2fea95b1e78f668f61faca0a80ddc456_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fea95b1e78f668f61faca0a80ddc456_JaffaCakes118
Size

537KB
MD5

2fea95b1e78f668f61faca0a80ddc456
SHA1

920bf527afd42f6b53c9caab97e9b624af6902fe
SHA256

c222a98814cf3d0feec554e3db23913cea9f03f8836fc43c4678e54aa95b17ef
SHA512

f70341dbfd376116589bced7a36f47c662120b19e71fcbc7286d6f65fd279e554fa5d063f5b2f8b1b3f18395f120f3d98cada1bb168f32816200d2e496a4e744
SSDEEP

6144:P5mXmmPXTW9j3TZjwcjNwAY014Aqk8eLDo6ep:Pg2AXCF3TKWNzY8jq36M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fea95b1e78f668f61faca0a80ddc456_JaffaCakes118

Files

2fea95b1e78f668f61faca0a80ddc456_JaffaCakes118
.exe windows:4 windows x86 arch:x86

103b67839f9a47fc3987268fb5968883

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessageA
IsWindow
DispatchMessageA
PostMessageA
PeekMessageA
DefWindowProcA
ShowWindow

kernel32

GetLastError
LocalFree
SizeofResource
LoadLibraryW
GetExitCodeProcess
ReleaseMutex
WriteFile
CloseHandle
GetCurrentProcessId
GetModuleHandleA
GetSystemDefaultLCID
GetUserDefaultLangID
GetUserDefaultLCID
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetCommandLineA
GetSystemDefaultLangID
GetCommandLineW
VirtualAlloc

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 826B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 752KB - Virtual size: 752KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ