2bbbe929b8962774d0af7c43fcba8faf_JaffaCakes118 | Triage

Sharing

General

Target

2bbbe929b8962774d0af7c43fcba8faf_JaffaCakes118
Size

370KB
MD5

2bbbe929b8962774d0af7c43fcba8faf
SHA1

20136703345e649031a1fb2df5b481855b291003
SHA256

f0873abf21f6f48653a00436bef29c1b4e2648d94de7c620075efb696e5d884a
SHA512

44ed638e7f033da44d317f4537f871c41c2f9e122036de194c9a3699eb8774ee11e0331f9607bf87860147fae9e00becb3d1abf820ffa332e9832b2a333f22e1
SSDEEP

6144:fBOm1aZCkx2o4sGmn8rv4DNpTaQzRmPQ8QiG8AKMEvxkNGkfnCJ49ijMXC:JOFqon8rvgp49VMEZMfna49ijM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bbbe929b8962774d0af7c43fcba8faf_JaffaCakes118

Files

2bbbe929b8962774d0af7c43fcba8faf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4fc85ede37bf107535994b2340ce51c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GlobalFree
VirtualAlloc
LocalFree
GetDriveTypeA
lstrlenA
FindVolumeClose
LocalSize
GetExitCodeProcess
GetModuleHandleW
CloseHandle
GetLocalTime
ResetEvent
FreeConsole
GetMailslotInfo
CreateFileW
GetPrivateProfileIntW
ReleaseMutex
ReadFile
GetProcessHeap

user32

CreateWindowExA
GetCursorInfo
GetClassInfoA
GetKeyState
GetDlgItem
GetMenu
DrawStateW
CallWindowProcA
DispatchMessageA
GetClientRect
EndDialog
SetFocus
GetSysColor

clbcatq

ComPlusMigrate
ComPlusMigrate
DllGetClassObject
ComPlusMigrate
ComPlusMigrate

desk.cpl

InstallScreenSaverA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ