2677ed026d2f2a1c8a596140760379a0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2677ed026d2f2a1c8a596140760379a0_JaffaCakes118
Size

160KB
MD5

2677ed026d2f2a1c8a596140760379a0
SHA1

fc7ddb8096e93c5cb05523e898c4160f2b1c102a
SHA256

102057e1c4c0d72e73f4e6738b6b7babc0ba89de30cbb6bd0ee9619da9dffc53
SHA512

55de1587ade6f83538fe7375d76a9e19ac83b768f0824d7de739e54c73b8a250068e3e7959dd8920a8d093bb17d9f2a4c896d2e570385d9eb4695bc1f3df47f0
SSDEEP

3072:tqh3idPDJkYnIZ5LncAVvx1zI5nI7d6gQzM+zZe5lmE2GO:tc+LJkYIrcMvxlI5I7H7gEm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2677ed026d2f2a1c8a596140760379a0_JaffaCakes118

Files

2677ed026d2f2a1c8a596140760379a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e304217fc16c011615a0ec22783cbfae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcatA
InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
SearchPathA
ResumeThread
WriteProcessMemory
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

user32

DefWindowProcA
AdjustWindowRectEx

Sections

0
Size: 64KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 48KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE