2bafcd648fb7a9387d4e7584495c6cdf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bafcd648fb7a9387d4e7584495c6cdf_JaffaCakes118
Size

296KB
MD5

2bafcd648fb7a9387d4e7584495c6cdf
SHA1

02e23e19d324de69aa582c78bb39eab305ad6a92
SHA256

3323f8aebf68d7be54d2c6001b7c5f082d5e37b0ea22ff0ac5bd301fa6e23515
SHA512

0b9c2a369752a59d8f9c55a21c1962cca0df127e73520692243d411c1202d41dee923ed1f8482e7700dcbbc587bd8eb4b40e42debd6d66070bc7b9b66d09003b
SSDEEP

6144:/eH4vkl9yifWoJhJkkyY1FyqjPqqOvM/Ccw7bVwd3qX1r4rh:/eH4sMifWmhztOqOB12gX1rCh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bafcd648fb7a9387d4e7584495c6cdf_JaffaCakes118

Files

2bafcd648fb7a9387d4e7584495c6cdf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a2c8350047058ce13456e30932a9550b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

Heap32First
GetDiskFreeSpaceW
FindResourceW
GetDiskFreeSpaceW
InterlockedIncrement
GetStringTypeW
LoadLibraryA
CloseHandle
InterlockedDecrement
CreateEventW
DeviceIoControl
GetLastError
HeapReAlloc
SetEnvironmentVariableA
ExitProcess
lstrcpyW
GetPrivateProfileIntA
lstrcatW
ReadConsoleA
ReadFileEx
HeapCreate

adsldpc

ADsDeleteClassDefinition
ADsEnumAttributes
ADsExecuteSearch
ADsCloseSearchHandle

uxtheme

CloseThemeData
SetWindowTheme
DrawThemeBackground
IsThemeActive
CloseThemeData
GetThemeTextExtent
DrawThemeEdge
GetThemeTextMetrics
GetWindowTheme
GetThemeBool
GetThemeSysSize
GetThemeColor
OpenThemeData
SetWindowTheme

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ