2a98d42d37a341e3a63049c237d6486a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a98d42d37a341e3a63049c237d6486a_JaffaCakes118
Size

2.7MB
MD5

2a98d42d37a341e3a63049c237d6486a
SHA1

3e26f3fd21db47a633e97f31eeb3725d7ce939ba
SHA256

9f0d312d3a9277dba3ac4841dc939b1b94174ee92ad53b5f53a23990d953cec4
SHA512

16e3414de7c752d9c1eff6bb7c34c597cb3a9ec24f46db7772491a98ae816a94acdd41527d6e8dfa79b9ef132007c5fdf850707808599671e50fa958f7f52b20
SSDEEP

49152:oq7525MBnc9vieEbPYE/KghFHJ/IMItV7Bq+YM6ouOidRR7GtppXPZR:v753k5AZSgGM8V7Bq+coZiBgpXPf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a98d42d37a341e3a63049c237d6486a_JaffaCakes118

Files

2a98d42d37a341e3a63049c237d6486a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1848325c84dbe57c8d77eec03f8ebf92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\Mpjo\EIauvl\piCx.pdb

Imports

gdi32

GetLayout
PathToRegion
RemoveFontResourceW
GetRgnBox
CreatePatternBrush
SetAbortProc
CreateBitmap
SetBitmapDimensionEx

shlwapi

PathFindExtensionA

kernel32

TryEnterCriticalSection
CreateFileW
CloseHandle
ReleaseSemaphore
FreeResource
FindFirstFileW
CreateSemaphoreW
CreateWaitableTimerA
GetTickCount
CreateFileMappingW
DeleteFileW
GetShortPathNameA

user32

ScrollWindow
MapVirtualKeyW
AppendMenuA
LoadAcceleratorsA
EnableWindow
GetKeyState
PtInRect
DefDlgProcW
IsCharLowerW
GetMessagePos
GetWindowPlacement
GetLastInputInfo

Exports

Exports

?mralryhbtoKooiXCoul@@YGPAFPAG@Z
?FVtGwsGcEyqYvlWxqG@@YGFD@Z
?rbzsdlnhqxVoxrhw@@YG_NIE@Z
?ydysjbmSGxz@@YGPAXM@Z
?seHQuFoyqa@@YGIPA_NK@Z
?RqMsAwujt@@YGPAKJI@Z

Sections

.itext
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ