02b2f4d352f96b1e958c270a41bd5476_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02b2f4d352f96b1e958c270a41bd5476_JaffaCakes118
Size

128KB
MD5

02b2f4d352f96b1e958c270a41bd5476
SHA1

e45cde753063d56061919a553369302445c0d0c8
SHA256

eb164f85dc636fb6969aaa58cd1417493e028c84fb6784a16c6c32b0aa1879e4
SHA512

d24abb0d88db76b5224077c398e7f4a1fa93ad0b12e3d7aebc2f3f71702c4fda61494192dfa60592060cbef0f0c286064b94089ac8e3382733c8c4b82536f064
SSDEEP

768:DNn7UtbscqG5ohImBPBejSphylfG+NLCtH1In6DZlMUmmGHU6fG:prMoh5PcufTLNQxmGH1f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02b2f4d352f96b1e958c270a41bd5476_JaffaCakes118

Files

02b2f4d352f96b1e958c270a41bd5476_JaffaCakes118
.exe windows:5 windows x86 arch:x86

636718efc5d88147aa52f1510ae5a84a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
OpenFile
GetCommandLineA
lstrlenA
GetCPInfo
GetPriorityClass
HeapFree
ExitThread
GetFileTime
HeapAlloc
CopyFileA
CreateDirectoryA
CompareStringA
GetLocalTime
WriteFile
DeleteFileA
OpenFileMappingA
CopyFileExA
FreeResource
GetLastError
FlushFileBuffers

advapi32

RegEnumValueA
RegGetKeySecurity
RegOpenKeyExW

user32

IsWindow
CopyImage
GetScrollPos
GetFocus
GetWindowTextLengthA
AppendMenuW

Sections

.89g7
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.c3gd
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.719ac
Size: 59KB - Virtual size: 382KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.793e
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.7chch
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ