2b4f7f5351c3f75ed8faf0ab03fb0555_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b4f7f5351c3f75ed8faf0ab03fb0555_JaffaCakes118
Size

1.9MB
MD5

2b4f7f5351c3f75ed8faf0ab03fb0555
SHA1

63f02f396a09b1bc4fdd5798226ae6affe18a83d
SHA256

68ce62e0178c961bb77c3ad78b361dbb1577a1fcf969b90fe190dbd1ef24c8eb
SHA512

6dfadb3dacb5f025181e05d0b4bf957a18e74f996e7500c7ad097296e03c2163fb6070fab36d9a70ee300068c640e05669845cf6397f1afef044625582dd9c57
SSDEEP

49152:LLnEhKZq6m4JBugW7lxXVWkj6tkVnxhb5o49h2Aro:3EhkVJchnLjEYrb57iuo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b4f7f5351c3f75ed8faf0ab03fb0555_JaffaCakes118

Files

2b4f7f5351c3f75ed8faf0ab03fb0555_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e841d4fe41729e6ac855221d6aea9918

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
CreateWindowExA
DdeCmpStringHandles

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
DeleteCriticalSection
TlsSetValue
lstrcpyA
Sleep

advapi32

RegQueryValueExA
RegSetValueExA
OpenSCManagerA

oleaut32

SysFreeString
SafeArrayPtrOfIndex
GetErrorInfo

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

Sections

.text
Size: 32KB - Virtual size: 18.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE