2ba530b21bc72eea349b4cfd81f4b925_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ba530b21bc72eea349b4cfd81f4b925_JaffaCakes118
Size

5.3MB
MD5

2ba530b21bc72eea349b4cfd81f4b925
SHA1

622e753c8b01dbb5be0e0ad132058a7700a064ef
SHA256

1a1792152bca63edca4a67e62305a7a0311abea5076cb7d47621a9d3ca024f4f
SHA512

01f6f799a27b51bb7f07317cce96dcbc92af1e0fca2f2677e5d3dcaf9d95d7bff8550ae4b4f1ad8458b1940b52cc90add7cd3b2306d5c8d86776dac894f485cb
SSDEEP

49152:bHeTlP2+7MhF0UaK1Nl5YN4gZCCQCM0Cla1PrIHGKPe8FLfM9tvnq1ucKMr00b7v:bmN7u0o7YZQCM0nkRDLXZ5bdeiOxj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ba530b21bc72eea349b4cfd81f4b925_JaffaCakes118

Files

2ba530b21bc72eea349b4cfd81f4b925_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

ZtlTaskMemAllocImp
ZtlTaskMemFreeImp
ZtlTaskMemReallocImp

Sections

Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 424KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 656KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mackt
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE