2a2aed852ba566a0f622f85c453a4998_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a2aed852ba566a0f622f85c453a4998_JaffaCakes118
Size

276KB
MD5

2a2aed852ba566a0f622f85c453a4998
SHA1

2962f930fa8922d8721b72baae7f3dd758e94a62
SHA256

a1d3432090c8e342ad6bae3d4b9bbeaa3d89e9bbf8880c420bf0fe32e881af4e
SHA512

5f2a6731e60c5dfd45359d4398acd3a4ba5e6bfea791211cf4c7986dcd0904729e9d2224c13d0ae3b8288c39f5446b1e5520ff1a327af24b79ae70304c601c54
SSDEEP

6144:thGWR6WxfvPlAhyLXHFJYlEBVkg0s0/JgW+5d3+PpE2u1Piy:uAtvqMXjYEnU/eW+5UpY6y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a2aed852ba566a0f622f85c453a4998_JaffaCakes118

Files

2a2aed852ba566a0f622f85c453a4998_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43ad28bd01a8fbc0567f881df42a6102

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetSystemTime
WaitForSingleObject
HeapDestroy
GlobalSize
ResumeThread
InterlockedExchange
GetTimeFormatA
HeapCreate
PeekConsoleInputA
FreeConsole
GetCommandLineA
VirtualProtect
GlobalMemoryStatus
GetOEMCP
IsDebuggerPresent
GetUserDefaultLCID
GetCurrentProcessId
GetTapeStatus
GetModuleHandleA
GetACP

user32

GetClassNameA
BeginPaint
SetForegroundWindow
EndPaint
GetDC
FrameRect
GetTitleBarInfo
FillRect
GetWindow
AnyPopup
CreateIcon
GetFocus
wsprintfA
GetCursorPos
ShowWindow
DrawTextA
GetParent
DragDetect
ReleaseDC

ntshrui

SetFolderPermissionsForSharing
IsFolderPrivateForUser
GetNetResourceFromLocalPathA
GetLocalPathFromNetResourceA
IsPathSharedA

msutb

GetPopupTipbar

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ