2b5a8d9c90d8c216ab42a8040f4e70e0_JaffaCakes118 | Triage

Sharing

General

Target

2b5a8d9c90d8c216ab42a8040f4e70e0_JaffaCakes118
Size

116KB
MD5

2b5a8d9c90d8c216ab42a8040f4e70e0
SHA1

39667165a6d6acac33f58bd621c13e02d5606bae
SHA256

f9e9f236cada9f076a0cae81dd255bd7f9bccc4bd3bc20a249eabd9d7a17828a
SHA512

c24e391e8420606f745149e58806967d7000b8756af13cdc4991123d1bc38307b65497b1ce3f27398cd0dc536ba478138cd10fa6a0926c4b80a5f9c3596ef089
SSDEEP

1536:BnUu88Hk6ebLPmbh3W5I/pj1GALR1fDFUIjeoJrKoXC:BnUu8OkpbTmbh3FrhfDFUiprrXC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b5a8d9c90d8c216ab42a8040f4e70e0_JaffaCakes118

Files

2b5a8d9c90d8c216ab42a8040f4e70e0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

d425d838a59e275cf10cb6dc8da4a3d2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

wcscat
rand
wcsncmp
sprintf
wcspbrk
fclose
_adjust_fdiv
malloc
_initterm
free
memset
exit

ole32

CoTaskMemFree
OleLoadFromStream
CreateBindCtx
CLSIDFromString
CoCreateInstance

kernel32

GetConsoleFontSize
WaitForMultipleObjects
CreateFileW
ReleaseMutex
GetVersionExW
FlushInstructionCache
EnterCriticalSection
CreateMutexW
SizeofResource
GetModuleFileNameA
ReleaseSemaphore
RemoveVectoredExceptionHandler
GetConsoleScreenBufferInfo
GetLastError
VirtualAlloc
lstrcmpA

user32

GetDesktopWindow
CreateDialogParamW
IsDlgButtonChecked
DefWindowProcW
SetWindowPos

Exports

Exports

GWaMFFKop
KreUf

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 878B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ