2c28b1cea783e71aed8942380e146e3c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c28b1cea783e71aed8942380e146e3c_JaffaCakes118
Size

2.6MB
MD5

2c28b1cea783e71aed8942380e146e3c
SHA1

c6ceb9d090d785ebb119b4ee9cf8064855f26c65
SHA256

a8592ef2ed93bfc325e6d9a050788ca3c038405b4e59b998cb9affe5550c6958
SHA512

6301d7bbe6909038b7dbb29d3cb341eac1488cbf565c539ccce4b607f646f587c9131650bffb2b4267cb9237d562a51a8465aa483bfde83eee3be5bf7b32e5e2
SSDEEP

49152:3FIm1OKMAfB3cKOBuhmbZK3ej1UOqyLyfOR89AuKDR5bZzP4XH:FMKMAfBMKk881NzUKDN4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c28b1cea783e71aed8942380e146e3c_JaffaCakes118

Files

2c28b1cea783e71aed8942380e146e3c_JaffaCakes118
.exe windows:6 windows x64 arch:x64

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

Sections

Size: 407KB - Virtual size: 936KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bpkccnqz
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zcpnaglq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ