2a58200100734212f692c88afe3d939a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a58200100734212f692c88afe3d939a_JaffaCakes118
Size

115KB
MD5

2a58200100734212f692c88afe3d939a
SHA1

43253ea3fc83ca0ab1a1981eff9daa5d4fb824a2
SHA256

fb9934c99331a2209eb04747832c961835f760979f6502dc23a1592b328b3fc9
SHA512

dfb8dd832b3df86ece680ddaf6915b95e6fb4e6844f1f66e2dffb60318f9e3c36e8edd486ed9d2105bd43dcdfd56326eae4ce90c36be222be2521b4a386d8dee
SSDEEP

3072:PounO7O7nmTmb4qVp3OIjmnwHMZC4ruHgJiJ8yeKwaKANizC:Poun06oMxZ6nSMsFHgJ2EKI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a58200100734212f692c88afe3d939a_JaffaCakes118

Files

2a58200100734212f692c88afe3d939a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

932ab8466a65ce0ec70e83a433009179

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
lstrcmpiA
VirtualAllocEx
LoadLibraryA
GlobalAlloc

user32

IsWindowUnicode
GetMenu
GetWindowLongW
GetWindowLongA
GetWindowDC
CharUpperA
GetWindowRect
GetWindowPlacement
GetWindow

gdi32

GetDIBits
CreatePenIndirect
SetBkMode
GetDIBColorTable
GetBkColor

shell32

SHFileOperationA
Shell_NotifyIconA
DragQueryFileA
SHGetFileInfoA

Exports

Exports

_LwMMGk@16
1dFIw@4
_BR4KGi4
HVZCzYPGijGhg
_aiIrfldJZC@20
_YzZba_gZzd8hnK
_ttKP4lzoHgHw
g7Y5pyiI
_y9caygQA@12
_CC_7gsJKp
t44ybZAKFsqYHg@20
_2xaN4aHtb@4
kJTSYNBB16NN5
_jgRNmGxY@16
_ASL9_sUsnYa
_umjA5g_PUS
cAMMpwQT0h

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ