e2c3f322f58824add8f7314c78c6185c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e2c3f322f58824add8f7314c78c6185c_JaffaCakes118
Size

28KB
MD5

e2c3f322f58824add8f7314c78c6185c
SHA1

0082190b5826a1fce73cab8c75c820975564d82e
SHA256

22ffec940726c6cd9653b9cdc0b29f1bc28f680187ccd951d9b6cd899655cafc
SHA512

0e33c95b62abbe3b76f7e5244c63db0c00478861a044526561b60d5b96c5c736be6fb5ac89947122d71596b5ba07dc28fda1dfb885c860cb5d064b196be2ede1
SSDEEP

384:KVr/t2Ynx1rZzhPHx/Zt1S9Y0skYaYaS8IVE:a1rrZxHNdknYaYayE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e2c3f322f58824add8f7314c78c6185c_JaffaCakes118

Files

e2c3f322f58824add8f7314c78c6185c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8cc87def4289b07862a7058a75e217a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
QueryPerformanceCounter
SetMailslotInfo
HeapAlloc
GetPriorityClass
GetModuleHandleA
GetStartupInfoA

user32

GetQueueStatus
LoadBitmapA

msvcrt

__p__commode
_exit
_XcptFilter
exit
_acmdln
_initterm
__setusermatherr
_adjust_fdiv
__getmainargs
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE