2a8d68bf5df3c1ab318f7e9eb7f7eb9f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a8d68bf5df3c1ab318f7e9eb7f7eb9f_JaffaCakes118
Size

304KB
MD5

2a8d68bf5df3c1ab318f7e9eb7f7eb9f
SHA1

76d62b1c5f1cb2fe6ebee799b9a5d65ee407f8b2
SHA256

d5b45e2b33b5cd30d75236a77016f0a5096d4642e5296459811857fd0ee5dfdb
SHA512

2f44bc90f0e174110f07803a76783cb7e7461be77f937ed23a957424c6fa79b8f2a422ba5c7c0dd4ca2d28503c872e65d0383b59e6f31d517afd2136401a7afb
SSDEEP

6144:7nuOX3aUJPD1F1Mnn2Qr8GtVmyMxcIhRGq40xOauPBYaWc1P7qcLFh+DnivY:7n/d1hF2n2lGtVLAcIhRuGfsSV4zj+Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a8d68bf5df3c1ab318f7e9eb7f7eb9f_JaffaCakes118

Files

2a8d68bf5df3c1ab318f7e9eb7f7eb9f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

42de3887fc8707255f9a1be555f0e150

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetFileAttributesA
lstrlenA
GetTickCount
GetSystemTime
ReleaseMutex
LoadLibraryA
LocalFree
GetDriveTypeW
ExitProcess
ReleaseMutex
VirtualAlloc
GetCommandLineW
ResetEvent
GetTickCount
GetDiskFreeSpaceW
GetComputerNameW
GetModuleHandleW
FindAtomW
CloseHandle

user32

GetClientRect
DrawStateA
DestroyCaret
DispatchMessageA
FillRect
GetCaretPos
CreateWindowExA
EndDialog
CloseWindow
GetClassInfoA
GetDlgItem
CallWindowProcA
GetMenu

rasapi32

DwRasUninitialize
DwCloneEntry
RasDeleteEntryA
RasDialA
DwEnumEntryDetails

adsnt

DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ