2822c630653ca8cfc14f11321bf57b1f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2822c630653ca8cfc14f11321bf57b1f_JaffaCakes118
Size

312KB
MD5

2822c630653ca8cfc14f11321bf57b1f
SHA1

93688f2a0e573c549cd5d106168983a8f97680fd
SHA256

9bafa2800bcb49f975f4bf01de8226071afdd41167596aa8a2bd61dc2357b7c0
SHA512

f425170f2ea1f24f547765c4892249811c55fa34ae52a003e255e76e57274c6ba50952f9f9658126bd3ba5b695a90cdbd162fa4890593749068766e536e61d1d
SSDEEP

6144:1ZGo01WJqhRe+/2bI5WIptELR1SJ1vA6o+WwPS1mK4G:Lz0wJ8I+AeWIpKLfSJ1vAD+WwPV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2822c630653ca8cfc14f11321bf57b1f_JaffaCakes118

Files

2822c630653ca8cfc14f11321bf57b1f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1b1b4aff6113ebb574de8d49ddb43345

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNumberOfConsoleInputEvents
UnmapViewOfFile
CloseHandle
GetFileType
GlobalSize
CreateFileMappingA
WriteFile
ExitProcess
GetFileSize
Sleep
MapViewOfFile
CreateFileA
ReadFile
lstrlenA

avifil32

AVIStreamRelease
AVISaveOptions
AVIStreamGetFrameClose
AVIStreamGetFrameOpen
AVIStreamInfoA
AVIFileInit
AVIFileRelease
AVIFileGetStream

gdi32

SetViewportOrgEx
GetDeviceCaps
GetClipBox
OffsetViewportOrgEx
RectVisible
DeleteDC
DeleteObject
TextOutA
SetMapMode
SetWindowExtEx
GetStockObject
CreateBitmap
ScaleViewportExtEx
ExtTextOutA
PtVisible
SetViewportExtEx
SaveDC
SetBkColor
SetTextColor
ScaleWindowExtEx
Escape
SelectObject
RestoreDC
SetDIBitsToDevice
StretchBlt

user32

ShowWindow
RegisterClassA
GetKeyState
EnumWindowStationsA
GetClassLongW
SetFocus

Sections

.text
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ