2b2464f4a874607a44d7948cdc19ce2e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b2464f4a874607a44d7948cdc19ce2e_JaffaCakes118
Size

5.6MB
MD5

2b2464f4a874607a44d7948cdc19ce2e
SHA1

427f25937065a22d6de7a12dbce0b03d07e59f15
SHA256

78f58658a7da590f9b79436dc21a9cc110185b2c40f0f4cf0abcaa812f7e0425
SHA512

fab955797e81ddc0df998fe49a98048ba4e81438d7a60bd439a8c989b64c866af631ed8c55e238763dd6f7dc163376f0e096739689500a62a463bd6a36a04ba0
SSDEEP

98304:jRF3cl6G+4kPP6+PzSeYMnTdxy4SLljqP+0A4YlN/XyWKct8WB:7DDP5zSMnmlOP+4kGWB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b2464f4a874607a44d7948cdc19ce2e_JaffaCakes118

Files

2b2464f4a874607a44d7948cdc19ce2e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

818f1fbcebdb7a5abf3dc7abeb6af66a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FormatMessageA
GetLastError
SetLastError
VirtualAlloc
CloseHandle
MapViewOfFile
CreateFileMappingA
VirtualFree
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
GetModuleFileNameW
UnmapViewOfFile
lstrlenW
lstrcpyW
HeapFree
lstrcpynW
GetFullPathNameW
SetEnvironmentVariableW
HeapAlloc
GetProcessHeap
GetFileSize
ReadFile
SetFilePointer
CreateFileW
WideCharToMultiByte
GetEnvironmentVariableW
GetVersion
lstrcmpiW
FreeLibrary
LoadLibraryW

user32

wsprintfW
MessageBoxA

Exports

Exports

_ItemDlg@16
_MainWndProc@16
_ProgressDlg@16
_PromptDlg@16
_SharedDlg@16

Sections

.text
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res
Size: 495B - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE