2b641dcaf87ea533f71f8b968d61d0da_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b641dcaf87ea533f71f8b968d61d0da_JaffaCakes118
Size

79KB
MD5

2b641dcaf87ea533f71f8b968d61d0da
SHA1

a74f269150775d35a0003ad70e91cbe0bfc0632a
SHA256

717b18dcc22cd76d12f8e42fbcae060dd2f994db2aaa46869ad37a115e310766
SHA512

314554ca52b75b49d98e385bcab63ee6af2a89d9e77aee8d523a10f582e3b53ccefdaafd4112b3e01633348afe9f7e70226808c2d2ec285dd05b0458cb4cac28
SSDEEP

1536:mBYKwtE4AWUxlQbrXeROqvs6vw1VqMl7PeV6USEn2T5TGMNC+n:weE4AZlUrXmOqvswcYMl7PM6i2hr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b641dcaf87ea533f71f8b968d61d0da_JaffaCakes118

Files

2b641dcaf87ea533f71f8b968d61d0da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3dafa341e5de7fc35b080a92876caf5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
lstrcatW
FreeLibrary
LoadLibraryW
SetEvent
lstrcpy
VirtualProtect
lstrcpyW
VirtualAlloc
GetModuleHandleA
GetCommandLineW
LoadLibraryA
lstrcatA
GetCommandLineA
lstrcmpiW
GetCommandLineA

user32

LoadIconA
GetParent
GetWindowLongW
MoveWindow
GetWindowRect
GetDC
CharUpperA
ChangeMenuW
LoadCursorW
GetSystemMetrics
RegisterClassExW
SetTimer
GetMenu
LoadImageW
GetWindowLongA
IsWindowEnabled
CheckRadioButton
GetCapture
DrawIcon
SendMessageW
LoadMenuW
GetSystemMenu
GetWindowTextA
GetWindowTextW
RegisterWindowMessageW
GetWindowTextLengthW
LoadMenuA
GetWindowTextLengthA
RegisterClassExA
LoadImageA
GetFocus
EnableWindow
LoadCursorA
GetForegroundWindow
LoadIconW
UpdateLayeredWindow
LoadCursorA
GetKeyState
CharUpperW
LoadStringA
GetMessageW
GetFocus
DefWindowProcA

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ