Static task
static1
Behavioral task
behavioral1
Sample
2e0181b08be370c1a0bbfed1e22c619d_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2e0181b08be370c1a0bbfed1e22c619d_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
2e0181b08be370c1a0bbfed1e22c619d_JaffaCakes118
Size
176KB
MD5
2e0181b08be370c1a0bbfed1e22c619d
SHA1
633b591ebab907bc15b5b020b6e847801345efbe
SHA256
a4cafa74e3b27f428ed8f02b397c3a46e420ae6b7db2fd808d6a85e6f6d2701f
SHA512
e1422639946c8a6a98e5383243fcea03803cc88548ab3ea0c9a92510f93777dd4546d2819f20e39b0ea08177a674abfe6a4753e1065c341be33ddee5cb0d2e4c
SSDEEP
3072:a3PuUZMZweaBH9tNLALTTsDG9FEf2BQ3hZDF6qOjfYbd:afUwea19t9ALT+duQ3TOKd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2e0181b08be370c1a0bbfed1e22c619d_JaffaCakes118
Files
2e0181b08be370c1a0bbfed1e22c619d_JaffaCakes118.exe windows:4 windows x86 arch:x86
fd24fe736fab378d6426ad3bc2d8f579
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
StgCreateDocfile
StgOpenStorage
user32
wsprintfA
wsprintfW
msvfw32
ICClose
ICOpen
ICSendMessage
ICDecompress
kernel32
GetShortPathNameW
UnhandledExceptionFilter
GetProcAddress
GetModuleHandleA
SetHandleInformation
GetLastError
IsDebuggerPresent
LoadLibraryA
GetCurrentThreadId
EnumResourceTypesW
CloseHandle
GetCurrentProcessId
SetUnhandledExceptionFilter
LocalFree
CreateFileA
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
Sections
.text Size: 99KB - Virtual size: 98KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 868B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 74KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ