2c528ab84d5d0aa7cbd8e0e55f2b1e36_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c528ab84d5d0aa7cbd8e0e55f2b1e36_JaffaCakes118
Size

638KB
MD5

2c528ab84d5d0aa7cbd8e0e55f2b1e36
SHA1

0f82da4198c01c8b7af65ecc07a1788be05ad379
SHA256

9b203d4443a37ac48cc134f4637c23884324982661b5bd3b3878f54564a20f8c
SHA512

4ddbebaa5e2420dea03a29fc0fdd9bad2a75f28e3cdabeca5deee3bb25398caabb693e006f1a219779e89c08b0ed1074505f31a6c5dd22ec2ad0efa5723d63ca
SSDEEP

12288:njECXILnhqp5DSOBNHNEdV2J9XQ6fq70Q6d/crSQUdW1zlXRPccpR7iDlNAN5:jKj0DbNySi6S70Q6CrSTAZ1Hira5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c528ab84d5d0aa7cbd8e0e55f2b1e36_JaffaCakes118

Files

2c528ab84d5d0aa7cbd8e0e55f2b1e36_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da9ff5b8b83eabcff9865cb2c122bac7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
WaitForMultipleObjects
WaitForSingleObject
CompareFileTime
GetTickCount
GetCommandLineA
GetConsoleCP
GlobalUnlock
GetModuleHandleA
HeapCreate
lstrlenA
TlsFree
GetStdHandle
CloseHandle
GetVersion
GetProfileIntA
LoadLibraryExA
VirtualProtect
AddAtomA
HeapReAlloc
GetSystemDefaultLangID

user32

SetPropA
GetWindowTextA
DialogBoxParamA
CopyRect
CreateCaret
GetKeyboardLayout
CreateCursor
DestroyMenu
GetDlgItem
EnableScrollBar
EqualRect
MessageBoxA
SetWindowPos
ModifyMenuA
GetMenuStringA
UpdateWindow
FindWindowA
PaintDesktop
DispatchMessageA
TranslateMessage
InsertMenuA
SubtractRect
ShowWindow
GetKeyState
PostMessageA

msi

MsiGetMode
MsiEnumProductsA
MsiCloseHandle
MsiDoActionA
MsiEnumClientsA

ws2_32

WSAAccept

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ