2a48099b4e47290016c2b86d94c3f285_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a48099b4e47290016c2b86d94c3f285_JaffaCakes118
Size

23KB
MD5

2a48099b4e47290016c2b86d94c3f285
SHA1

d92c994228ef19cc8d6713d9150631e963d9f0a0
SHA256

e34d5940aa3b73870aca6410f16d0b76d61a479e707addc8a407dea4ffe5a7b0
SHA512

8fc4128e4a2ed9e6ec86c697f382380c8de4bf7aaf1723426c6403e72848b968b4fac68b05140c7a6d93b48271d557a56f96315d0af9cc2945716d58e7fdfa26
SSDEEP

384:2vrkDeeCHNhoWOnDfC/5g/DDjKAPfu1COQ:WkxCrID5v5fu1Cr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a48099b4e47290016c2b86d94c3f285_JaffaCakes118

Files

2a48099b4e47290016c2b86d94c3f285_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd95935d134cdc539078ba76575f54c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupAccountSidW
RegCreateKeyExA
DeleteService
RegOpenKeyW

msvcrt

_iob
_waccess
ctime
_exit
wcslen
fclose
strerror
memset
__set_app_type
isalnum
atol
_lseeki64

kernel32

VirtualAlloc
EnumSystemLocalesA
ExitProcess
EnterCriticalSection
lstrcmpiW
UnhandledExceptionFilter
WriteConsoleW
HeapAlloc
CreateFileMappingW
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
FlushFileBuffers

version

GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeA

gdi32

CreatePenIndirect
CreatePen
EndPage
ExtFloodFill
DeleteMetaFile
GetWindowExtEx
SetBitmapBits
SetBkMode
Pie
CreateRoundRectRgn
GetTextFaceW
SetViewportExtEx
GetObjectA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE