2eacaae6754b0987997399767bbcf818_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2eacaae6754b0987997399767bbcf818_JaffaCakes118
Size

25KB
MD5

2eacaae6754b0987997399767bbcf818
SHA1

e119e7b65f096c1e21ad80ffbfe7f1491862b299
SHA256

0e25f1b21811adb3dc4409e9654a891ca6757bfc9c1ca8d28ec0b28ceaa74c08
SHA512

4e95efcf8f779fc8e003683bc595fcb8d4dbb0eafc7b6ce7f535b8830c8a484b44f4bf6d7050598d1a19835d2d32faa9d20644093f9cb8892f002d5472ed8d7a
SSDEEP

384:G3Q/xn7PuXp+iaOKLIDj7vaKzgPIoj7kVbQkZUUzclP7mHnxuy9QlZp9S:1/xn7mXUVfynvadjdkmUzcZ7exZS/9S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2eacaae6754b0987997399767bbcf818_JaffaCakes118

Files

2eacaae6754b0987997399767bbcf818_JaffaCakes118
.exe windows:4 windows x86 arch:x86

093fcaad8d56c1475ad60108f88b9633

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOverlappedResult
SetThreadUILanguage
FindFirstFileExW
InterlockedIncrement
Thread32First
GetVolumePathNamesForVolumeNameW
QueryDosDeviceA
GetModuleHandleExW
TlsFree
SetUserGeoID

user32

GetAppCompatFlags
PostThreadMessageA
SetSysColors
RegisterClassExA
FindWindowW
AttachThreadInput
DefMDIChildProcA
CharLowerA
GetDlgItemTextW
AlignRects
CreateDialogParamW
GetWindowTextW
DialogBoxParamW
IsCharLowerA
EnumDisplaySettingsW

Sections

.text
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ