2f457a31c5278d5ea7ddd19c6f4793ef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f457a31c5278d5ea7ddd19c6f4793ef_JaffaCakes118
Size

698KB
MD5

2f457a31c5278d5ea7ddd19c6f4793ef
SHA1

bc666698c2838f00b409e5d79470cebe859bec43
SHA256

e147d8b9ad662684ada121f2235089b933f8a33542ae818e51ed1b236cb0f056
SHA512

b80c742de52eb9f683bdd2fa0ecf448eec1fbec4276364c814054197eb7edfe52eb7ddf4be947fc87b31c173e77dc363f6934a8d3c54359d247cf8f5a28e7ae3
SSDEEP

12288:q+HV1zKNr1AouF2RHt0/cE5jLuLosnaLH/J3hCd/TGxqaV1kT3Wlmwis2SP11Yc+:ZnzUHHqB5jqL26cqE32D2NB7X0V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f457a31c5278d5ea7ddd19c6f4793ef_JaffaCakes118

Files

2f457a31c5278d5ea7ddd19c6f4793ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c2df986d0a4f882bb3a6224fe91434b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetVersion
GetCommandLineA
GetVersionExA
GlobalAlloc
FreeLibrary
lstrcatA
GlobalFree
GetFileSize
LocalAlloc
CloseHandle
GetModuleHandleA
lstrcpyA
lstrlenA
LocalFree
GetStartupInfoA

gdi32

DeleteObject
GetTextExtentPoint32A
BitBlt
CreateSolidBrush
PatBlt
GetTextMetricsA
CreateFontIndirectA
GetPixel
GetObjectA

user32

ScreenToClient
EndDialog
LoadIconA
GetWindowRect
ShowWindow
MessageBoxA
SetWindowTextA
BeginPaint
DefWindowProcA
GetMessageA
DialogBoxParamA
GetFocus
TranslateMessage
GetSysColor
DispatchMessageA
PostQuitMessage
SetFocus

msvcrt

_XcptFilter
__set_app_type
_acmdln
memmove
wcslen
__getmainargs
exit
_c_exit
_controlfp
toupper
__p__commode
rand
_exit
__setusermatherr
_initterm
_except_handler3
__p__fmode
__CxxFrameHandler
wcschr
wcstoul
_adjust_fdiv

Sections

.text
Size: 1024B - Virtual size: 957B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 679KB - Virtual size: 680KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ