2be5350e9c5a0e360230e1f366b82e7d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2be5350e9c5a0e360230e1f366b82e7d_JaffaCakes118
Size

22KB
MD5

2be5350e9c5a0e360230e1f366b82e7d
SHA1

8c4fd7f963ceaae8b1f44b5f08dc70bff2a77434
SHA256

755c55ab7f53dee931a3df96d43911fa410d2994f94d6b1846198f3e27fa6572
SHA512

2aed74a6a5e4f2d638079d626ad9ec9ef7ced4e0c6700e1caa31ba1ecdaa92f28548838178bd5a75eede77d905fface6407a416efb455e6c71665fd023eba9a6
SSDEEP

384:J6GLOGCU9sd9kWhBzLSpcA3j3Wmi6O0S/FEhK61B7E8:cXU9sd9kW3Spc+j3Vi6vAEhBF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2be5350e9c5a0e360230e1f366b82e7d_JaffaCakes118

Files

2be5350e9c5a0e360230e1f366b82e7d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5d4becea18ad9af11654f24eb67ddf42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\EObpZki\Ehhlug\wgzPi\syIyz\ugdhii.pdb

Imports

user32

DrawTextExW
GetCaretBlinkTime
GetMenuItemRect
CreateMenu
ClientToScreen
LoadCursorW
GetDoubleClickTime
GetActiveWindow
LoadBitmapW
GetKeyNameTextW
IsDialogMessageA
GetClassLongW
wsprintfA

kernel32

GetStartupInfoW
FreeLibrary
HeapSize
CreateMailslotW
GetNumberFormatA
GetStringTypeExW
GetLongPathNameW
IsValidLocale
OpenFileMappingA
GetModuleFileNameA
lstrcatA
HeapWalk
lstrlenA
ClearCommBreak

gdi32

SetRectRgn
ExtFloodFill
Ellipse
SaveDC
GetTextExtentPointA
SetTextAlign
GetLayout
SetBkMode

Exports

Exports

?DuoCYsm@@YGPADMPAN@Z
?oufDrLOAenhrutqy@@YGHD@Z
?olmthKXPtxzkw@@YGMPAHPAJ@Z
?zHGKmteMoA@@YGJGPA_N@Z
?sOqjffVrzTWyozHegibzV@@YGXPAJG@Z
?lvYegjyq@@YGXEE@Z
?dYoeNmnrqpwzLaIeiY@@YGHJPAF@Z

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ