Static task: static1
Behavioral task: behavioral1
Sample: 2b19ba1fc4dc0d72ae4da181c3a33981_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2b19ba1fc4dc0d72ae4da181c3a33981_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 2b19ba1fc4dc0d72ae4da181c3a33981_JaffaCakes118
Size: 196KB
MD5: 2b19ba1fc4dc0d72ae4da181c3a33981
SHA1: 43fa814d9f8797e91280af90242e5f0ff699a414
SHA256: 05d009f0945315034460bb0346716283f1252bc74daa0fdf6fd98ed8d78c7ac5
SHA512: 0e52894bed60bd7be0e13a3a0dce7bc3e6038820a885864f7a0b63f3fb982aa0bcf2456fd8ca3e2876acecd4c726a55ef22726bb5226ae590e8c868be9a5f719
SSDEEP: 3072:7vGHnuhFmH+rA+aXogfyS9h+Eaq0laWqkGiKa/GgyaHHQEBp4:7venuOHOS9h7aNlaPkD/2azp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2b19ba1fc4dc0d72ae4da181c3a33981_JaffaCakes118
Files
2b19ba1fc4dc0d72ae4da181c3a33981_JaffaCakes118.exe windows:4 windows x86 arch:x86
1b37e20f0a4c0aa1a26f25940381a92b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTapePosition
IsBadStringPtrA
GetFullPathNameA
LocalHandle
GetTimeFormatA
GetCommConfig
user32
MapWindowPoints
MenuItemFromPoint
GetUserObjectSecurity
GetKeyboardLayoutNameA
SwapMouseButton
GetMenuItemCount
DrawCaption
gdi32
SelectClipRgn
UnrealizeObject
SetTextAlign
SetTextJustification
Sections
.text Size: 4KB - Virtual size: 973B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 594B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.upx0 Size: 136KB - Virtual size: 133KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE