2c0a7158d7289a33f8bd843482456183_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c0a7158d7289a33f8bd843482456183_JaffaCakes118
Size

298KB
MD5

2c0a7158d7289a33f8bd843482456183
SHA1

daa9134c7f9e3d3a4e9ba895d31d244cb65ebbd0
SHA256

01ce3f438710d56a3a8052e4cdc93798cb6b7636d4fbb8d9865fdb3e0d79d458
SHA512

e642f56ed3e396f5a7c158cdae248765375d173724b664792e5113c7e896d8314a7d9f8e18ed89b0e1f9fd4fa0653f51b5556e6d7e0919a2d01b47c3288487e6
SSDEEP

6144:sdxcx8J5uybal9Ce8w712oSeGuZbtRfrVvKmNQuE1wJkIlQ:cqxKMybs8w712luJBrBNPE1wfQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c0a7158d7289a33f8bd843482456183_JaffaCakes118

Files

2c0a7158d7289a33f8bd843482456183_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cda1badaedb4c9b6caf2a76e62ee6096

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
LCMapStringA
CreateFileA
ExitProcess
GetCurrentProcess
LoadLibraryA

user32

CloseWindow
wsprintfA
CreateWindowExA
SetWindowLongA
CharLowerBuffA

Sections

.text
Size: 4KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ