2ad8ee10e5f18cc09ee0fa95b13f567a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ad8ee10e5f18cc09ee0fa95b13f567a_JaffaCakes118
Size

1.8MB
MD5

2ad8ee10e5f18cc09ee0fa95b13f567a
SHA1

13adac2dadcdeb224f543f98d894a1bdd64d3947
SHA256

4d228158238f6138080349d4f371bc09b4415933ad4b6263fb044128ac394bc9
SHA512

cf29c13414b681036586fb7d39e758ea1216ba646ac4883624cb4fd2bfa6400057fe40104a71485c1754a514ad4f2070c65964f95c89a9d490fe8c089da063aa
SSDEEP

24576:4xZigc0H2Q/IEI5uAfHegmhRJwE321rMTPradqX7TkL9PBsJsCnWAl3W/7L3+C:4ygLpI5t+gmhDwv1ITjad0u/9CiX3+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ad8ee10e5f18cc09ee0fa95b13f567a_JaffaCakes118

Files

2ad8ee10e5f18cc09ee0fa95b13f567a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19c525e1245bea8e2ccc026a9f7aab7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
ActivateActCtx
CreateActCtxA
DeactivateActCtx
GetProcAddress
LoadLibraryA
GetModuleFileNameA
VirtualProtect

Sections

.text
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_rdata
Size: 4KB - Virtual size: 290B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_data
Size: 4KB - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.odata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ