2c2df0ff16ed42a3dea39d8e1675f778_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c2df0ff16ed42a3dea39d8e1675f778_JaffaCakes118
Size

220KB
MD5

2c2df0ff16ed42a3dea39d8e1675f778
SHA1

214ea7169bc1bab2ee03dc52403f4409ad33475a
SHA256

708b015963f38dab5efe573dcd6dc85a075155ae78d7a32bdc461a8e382a6fcb
SHA512

700975f64e471d750477fa80acfdae502c1e332d71e40fe31565fcd4c5a7d81612b34f324126fc8d7642c3f8c04e0d0d54ab3ce11425226e9941c8e760af2f44
SSDEEP

3072:99arb0BLF+WEIYqLYFiYczOTtQ9mNaWEUGwdLkxs/NYwlCjoemZmWTmNLY6:vzD+3IjKcUrlGwRasFYgCDmZmKmS6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c2df0ff16ed42a3dea39d8e1675f778_JaffaCakes118

Files

2c2df0ff16ed42a3dea39d8e1675f778_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb0e0d2c01cbd24a10f7e0391725e635

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetDllDirectoryA
VerSetConditionMask
SetConsoleTitleA
CloseHandle
RtlZeroMemory
RtlUnwind
RtlMoveMemory
RtlFillMemory
RtlCaptureStackBackTrace
RtlCaptureContext
ReleaseActCtx
ReadConsoleW
ReadConsoleA
ContinueDebugEvent
lstrcpyA

user32

PaintDesktop
ClientToScreen

ole32

StgCreateDocfile

advapi32

ConvertSecurityDescriptorToAccessW
SetNamedSecurityInfoA
RegUnLoadKeyW

gdi32

SetStretchBltMode
UpdateColors
GetDCBrushColor
AddFontResourceA
LineDDA

compstui

CommonPropertySheetUIW

Exports

Exports

sEtn7L8k6BuspzRk2

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 721B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ