Static task: static1
Behavioral task: behavioral1
Sample: 2f98281d2631ab7d54526ddfa74eff6c_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2f98281d2631ab7d54526ddfa74eff6c_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 2f98281d2631ab7d54526ddfa74eff6c_JaffaCakes118
Size: 2.2MB
MD5: 2f98281d2631ab7d54526ddfa74eff6c
SHA1: 12d070d03262ee53e9b3ae1192d0517a5a30f776
SHA256: d8ae7cb20530e1b05a10a7c2343ff44f57f57b6cb4fb3e02660e4937e955f7b4
SHA512: 59b480f349caf0c3e706fe6ecf1fba28a7aa7df5c4486fc00e0548206df280cc47d4122abaca663e3098418ca37aefe2e11e094ffd175ce4d34044b698883e15
SSDEEP: 24576:DJDfb5agXmR25hKxqG5tUgUh+Oy3dNeNPHDLqFtEITxsd66x2:DJHvVzgB6MtSwN
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2f98281d2631ab7d54526ddfa74eff6c_JaffaCakes118
Files
2f98281d2631ab7d54526ddfa74eff6c_JaffaCakes118.exe windows:5 windows x86 arch:x86
a42280d155b249720b03f36b8fe4c97a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalLock
GlobalUnlock
VirtualAlloc
GetLastError
DeleteCriticalSection
GetFileSize
CloseHandle
CreateProcessW
GetTempPathW
MultiByteToWideChar
LCMapStringW
GetThreadLocale
oleaut32
SysFreeString
SafeArrayCreate
SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPtrOfIndex
VariantInit
VarI4FromStr
VarR8FromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromBool
VarNot
RegisterTypeLi
CreateErrorInfo
Sections
.text Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2.1MB - Virtual size: 66.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 532B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ