2ea2aa7433e9b5c96c8ce6f2b1af62dc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ea2aa7433e9b5c96c8ce6f2b1af62dc_JaffaCakes118
Size

304KB
MD5

2ea2aa7433e9b5c96c8ce6f2b1af62dc
SHA1

1f98d83554c32c1d5214382f65df3e24e535d58a
SHA256

e0a438f9df4685dc83c04417e710d6aae71bd721866b040f53da20653d65bebe
SHA512

245d07156083db5e869ce6363410da34c2da46602b453466868c729d2f3007a61a820bb1bb7f0e84a7698d5ec4b438a6e628fed7f4e3ad78fa5112e992fa7de3
SSDEEP

6144:AACB8PK45vo+XeL6JOg7f8wBWkAxSOkHCzQKbDMIEIZ:AAzKKo+uwB7f8G3AxSpCztbDMYZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ea2aa7433e9b5c96c8ce6f2b1af62dc_JaffaCakes118

Files

2ea2aa7433e9b5c96c8ce6f2b1af62dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d82aa9f9efc140e0463b45c231fdb9ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
ResetEvent
LoadLibraryA
CreateFileMappingA
SuspendThread
GetPriorityClass
CloseHandle
GetComputerNameW
GetModuleHandleW
GetCommandLineW
IsDebuggerPresent
lstrlenA
GetSystemTime
GetPrivateProfileIntA
GetFileAttributesA
FindAtomW
LocalFree
ExitProcess
VirtualAlloc
MapViewOfFile

user32

GetCaretPos
GetClassInfoA
DispatchMessageA
CloseWindow
DestroyCaret
EndDialog
GetMenu
CallWindowProcA
GetClientRect
FillRect
DrawStateA
GetDlgItem
CreateWindowExA

rasapi32

DwRasUninitialize
DwCloneEntry
RasDeleteEntryA
RasDialA
DwEnumEntryDetails

catsrvut

DllGetClassObject

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ