a2e6452877567ce7d3631b96f36a4469_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2e6452877567ce7d3631b96f36a4469_JaffaCakes118
Size

340KB
MD5

a2e6452877567ce7d3631b96f36a4469
SHA1

fa70bfa5da816abdac168d16b6530ba7ac875779
SHA256

7f0c42d8bd227b7c9f71169dac4c62786a8b3ccf1941d89171cb011fd4674612
SHA512

331e4d45fe76a93b115f7caeb35694486c3ac8a3d60b44c745ccc81f1232cbe0f53f0dc217eae66bbc661d603030ed01ee7c01601a8b2e892bfc92665939983d
SSDEEP

6144:TH1qULgkHiOsEmM+vMNPN+o6BWl+4VwYC/AkKJqWHlFA8DVM3SN:IULKOsEmMBNP76sl+BxYkZW7AMV8G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2e6452877567ce7d3631b96f36a4469_JaffaCakes118

Files

a2e6452877567ce7d3631b96f36a4469_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13336f6ae0eb08c4c50ccdbcada80364

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
lstrlenA
GetModuleHandleA
FindClose
CreateMailslotA
CloseHandle
CreateEventA
GlobalLock
GetACP
GetLastError
GetStdHandle
IsDebuggerPresent
GlobalUnlock
LocalFree
HeapCreate
FreeEnvironmentStringsA
LoadLibraryExA
CreateFileMappingA
CreateFileA
IsBadReadPtr

user32

SetFocus
GetIconInfo
GetParent
GetListBoxInfo
DispatchMessageA
RedrawWindow
IsMenu
GetDlgItem
DialogBoxParamA
EndDialog
GetDlgItemTextA
CheckMenuItem
GetMessageA
DrawIconEx

apphelp

SdbFindFirstTag
SdbFreeFlagInfo
ApphelpCheckRunApp
SdbCloseDatabase
ApphelpShowDialog

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ