2ac4e57016696ea0eb827ff74ed70289_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ac4e57016696ea0eb827ff74ed70289_JaffaCakes118
Size

1.2MB
MD5

2ac4e57016696ea0eb827ff74ed70289
SHA1

0f5e6ed77374ec05a7bef596c9ed66eb5b7a6ce4
SHA256

98098e81954dd93e7377c9ce04b7db9ea68a671c9e9d0f4d69be4a3103bee1a4
SHA512

2a729d3e472dbc6b2f44ac9975d9463d3f9e6a7f3193843a6b40746f8d6882f2cb0c53d983e29fd946093d6ca5f7a3738c7a85700533f98f47827718a873b8ec
SSDEEP

24576:IbjUNIO9uglUVuVHGb4XjDyjsf0sztUJCe0sI+pIXDr5gP:I8amOBb4XjGji04veA+pIXpgP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ac4e57016696ea0eb827ff74ed70289_JaffaCakes118

Files

2ac4e57016696ea0eb827ff74ed70289_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e304217fc16c011615a0ec22783cbfae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
SearchPathA
ResumeThread
WriteProcessMemory
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

user32

DefWindowProcA
AdjustWindowRectEx

Sections

.scpack
Size: 792KB - Virtual size: 792KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 468KB - Virtual size: 468KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ