2d8c5cdd876b1a3796ce4f36e3a2ba56_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d8c5cdd876b1a3796ce4f36e3a2ba56_JaffaCakes118
Size

408KB
MD5

2d8c5cdd876b1a3796ce4f36e3a2ba56
SHA1

859834fdacaa35ea89645e793b5ce1b69e909528
SHA256

6faa3205e383bfa28217675d761999082e3300f2cce17e9e65e7271f042711da
SHA512

0ed78d3660495e655b12774d9eebd4d6f71d82a3c7354e5ad0a7b9f4484fa71c5f7137ef19330759c4b2f6d1a214cd8bea045251b29e08dff7524616bfd16e17
SSDEEP

12288:YhAh8hd/BFQxyQF5XpGOfrMyShM36qassI:YhAh8hLFQxywaOzFn3napI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d8c5cdd876b1a3796ce4f36e3a2ba56_JaffaCakes118

Files

2d8c5cdd876b1a3796ce4f36e3a2ba56_JaffaCakes118
.exe windows:4 windows x86 arch:x86

527387555e42ad1891bfe646c47eaa9c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetModuleHandleA
GetEnvironmentVariableA
WaitForSingleObject
GetTempPathA
DeleteFileA
GetVersionExA
ExitProcess
SizeofResource
lstrcpyA
CreateDirectoryA
LockResource
CreateFileA
GetProcAddress
FindResourceA
CreateProcessA
LoadResource
LoadLibraryA
WriteFile

setupapi

SetupIterateCabinetA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

user32

MessageBoxA
wsprintfA

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ