2ae5a464f76adb4e89faee0e7b32de5b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ae5a464f76adb4e89faee0e7b32de5b_JaffaCakes118
Size

139KB
MD5

2ae5a464f76adb4e89faee0e7b32de5b
SHA1

f788e2ea61ab33b674645bf72872b76c9bff0ff6
SHA256

3f15ed03c1c6c313f07bf55f0d0033d50709e5783688fd91e533a18f2f4b9202
SHA512

716be3eb38de05b57c42ac1575c206f3f9ec87a6e307ebb5d7d0d7aa65f990c3790d58c4e26f1689acddf71ad4cd5be5d6428495f248ffbc979c7a61bbec5259
SSDEEP

3072:U13F1k6VlAb8P4s44SfiOGBpayiUJBRbgynbpRys9P:U13F1D+wQTfi7rXBZgq9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ae5a464f76adb4e89faee0e7b32de5b_JaffaCakes118

Files

2ae5a464f76adb4e89faee0e7b32de5b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7c316532617181322ac0cf222d14fa0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerFindFileA

kernel32

GetStringTypeA
IsBadHugeReadPtr
GetOEMCP
GlobalAlloc
HeapDestroy
IsBadReadPtr
ExitProcess
WideCharToMultiByte
LockResource
GetStdHandle
GetSystemDefaultLangID
GetProcAddress
GetLastError
GetFileType
GetCommandLineA
GetProcessHeap
VirtualAllocEx
GetACP
GetEnvironmentStrings
ExitThread
GetThreadLocale
LocalAlloc
GetStringTypeW

gdi32

SelectObject
CreateBitmap
GetTextAlign
GetPixel
SetTextColor
GetDIBits
GetCurrentPositionEx

user32

GetFocus
GetSysColor
IsCharLowerA
IsCharUpperA
GetMenu
CharUpperA

ole32

CoTaskMemFree
OleCreateStaticFromData
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CoGetObjectContext
OleRegGetUserType
CreateBindCtx

Exports

Exports

KByb7
KmhdGmVj
_6uINw5@8
Zh5hi7FeGwql

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ