2ef2a5a277f2d78c1a4212d0d09b60a9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ef2a5a277f2d78c1a4212d0d09b60a9_JaffaCakes118
Size

179KB
MD5

2ef2a5a277f2d78c1a4212d0d09b60a9
SHA1

5ee49dc5df24a5ab608211d11f7b937f09dd6436
SHA256

7bf2cd4ea8d785aad95a5dc84a4b7eddb57c367776277bc13baba09cdf05386c
SHA512

2f7f6f012b723436f8d05e079cf22de21363842ab71bf4f0f37bebdc40c501f9440173fcf3e61df69c63c6dd108ff82c001fd594950836846e79447dbe699b5a
SSDEEP

3072:Ve5VCob2+8Vw8BQ71bzGeL1NiLgWGtqPRpM+tfBYw8hwn0fma9FvmuZlFj3P5zWB:U5VxP8Vw8yZOecg9tM/K5ha0fma91nRu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ef2a5a277f2d78c1a4212d0d09b60a9_JaffaCakes118

Files

2ef2a5a277f2d78c1a4212d0d09b60a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2534e1a1097a517ddcfeb24a89a83c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
CloseHandle
GetModuleHandleA
SuspendThread
InterlockedExchange
GetAtomNameA
GlobalUnlock
LoadLibraryExA
CompareFileTime
WaitForMultipleObjects
SetConsoleCP
HeapReAlloc
lstrlenA
GetTickCount
GetVersion
HeapCreate
GetConsoleCP
GetStdHandle
GetSystemDefaultLangID
VirtualProtect
WaitForSingleObject

user32

IsDialogMessage
CreateMenu
DestroyMenu
GetKeyState
GetKeyboardLayout
InsertMenuA
DialogBoxParamA
CreateIcon
EnableScrollBar
CopyImage
DrawCaption
FillRect
SetScrollInfo
DragObject
GetDlgItem
InvertRect
GetCursorInfo
DispatchMessageA
SetWindowPos
SetPropA
FindWindowA

advapi32

RegQueryInfoKeyA
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegEnumKeyA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ