2b042ffb83b0e5b68febc79d78f55e3d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b042ffb83b0e5b68febc79d78f55e3d_JaffaCakes118
Size

370KB
MD5

2b042ffb83b0e5b68febc79d78f55e3d
SHA1

79330e4aea9b1894435cdc435effc1bbd098af46
SHA256

a698527fa8089fb26d5bd67f6f9ef8afde18115ddb476bb39fdac4441451ff59
SHA512

29ef112e20d350272a5599e6506ac3eba46eb04ec2ef02472c31d0257314c5360ce7b205b5febaf638dda0e88976d2fdb2a4922437a6deb76185481f3421cd01
SSDEEP

6144:G7dx2KfTQUvsevPxXJ2ggbvnjz4KxlDfX9flebmE9uDMnyQY7wNOqRdusIQRljFL:Gx9QUvHvPx5grnjz4ClDfXNdEMkyQY7M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b042ffb83b0e5b68febc79d78f55e3d_JaffaCakes118

Files

2b042ffb83b0e5b68febc79d78f55e3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4d1b7ca37fddaf10196421282d3c39a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
VirtualProtect
GetProfileIntA
FindAtomA
LoadLibraryA
CompareFileTime
HeapReAlloc
GetStdHandle
GlobalUnlock
TlsFree
CloseHandle
WaitForSingleObject
GetACP
HeapWalk
GetTickCount
GetModuleHandleA
InterlockedExchange
lstrlenA
GetConsoleCP
GetVersion
TlsGetValue

user32

DialogBoxParamA
GetScrollRange
ModifyMenuA
DispatchMessageA
PostQuitMessage
GetDlgItem
EqualRect
SetPropA
TranslateMessage
EnableScrollBar
CopyRect
LoadIconA
MessageBoxA
GetKeyboardLayout
InflateRect
GetSubMenu
PaintDesktop
InsertMenuA
SubtractRect
UpdateWindow
GetWindowTextA
GetMenuStringA
DestroyMenu
ShowWindow
CreateCaret
PostMessageA
SetWindowPos
GetMenu

msi

MsiGetMode
MsiDoActionA
MsiCloseHandle
MsiEnumProductsA
MsiEnumClientsA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ