2c188e38a921d5d1c64d8b77e6cc9b25_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c188e38a921d5d1c64d8b77e6cc9b25_JaffaCakes118
Size

132KB
MD5

2c188e38a921d5d1c64d8b77e6cc9b25
SHA1

b2772b512f2b35acd3ccc68d66d97739b57b9e36
SHA256

f7ea3670d8fdf13ac3324ecc111e837e72fabb1cb5fc9d5e72616d9097ca649a
SHA512

9b6852b69f171dbbf995e58f4c3b86e4e53e8ca79a7be90b061157a9d34c1cd6cc4e7058d8971629683ad51c36dc8876b494a3a4e44de40847f659269a72127c
SSDEEP

3072:otKbcsEcv96LvcQe4PMkPrxfKXXVW49js:otKbcsF9ede4hKXFRjs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c188e38a921d5d1c64d8b77e6cc9b25_JaffaCakes118

Files

2c188e38a921d5d1c64d8b77e6cc9b25_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5e1b6089874320c75cc879280ef9c3f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
ReadFile
CloseHandle
WriteFile
CreateFileA
DeleteFileA
lstrlenA
lstrcatA
lstrcpyA
HeapAlloc
GetProcessHeap
GetTempPathA
GetTickCount
ResumeThread
GetProcAddress
LoadLibraryA
VirtualProtect
HeapFree

user32

GetWindowLongA
IsChild
WaitForInputIdle
GetActiveWindow
SetActiveWindow

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE