Static task: static1
Behavioral task: behavioral1
  Sample: 2c2cd5df0abf8e74cff56202ae2db94b_JaffaCakes118.exe
  Resource: win7-20240708-en
Behavioral task: behavioral2
  Sample: 2c2cd5df0abf8e74cff56202ae2db94b_JaffaCakes118.exe
  Resource: win10v2004-20240704-en
General
Target: 2c2cd5df0abf8e74cff56202ae2db94b_JaffaCakes118
Size: 177KB
MD5: 2c2cd5df0abf8e74cff56202ae2db94b
SHA1: 7aecbbcb1009472c4066eedc29f0512586005fb6
SHA256: 53c7ef2e04e96b62bb370566781b7ebc36ac3b9d7269e9409bec50b52d5a6454
SHA512: d3d651aaeb98b58c0c524644ae27f03f48a825a4bf614678994ecc9cbc79c5e28922b5d6d870cf4a3dd2e212196f79cf15605e8a70b9121b44d9e47244116b89
SSDEEP: 3072:f1o60RLlGutl5LxBFn+wTNpLTgziecGntIMnCOr51FrhbexiLGPxB2eNJICzex4g:f1olZhVXwwTNaziatNnCELp2IGP6aJI1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2c2cd5df0abf8e74cff56202ae2db94b_JaffaCakes118
Files
2c2cd5df0abf8e74cff56202ae2db94b_JaffaCakes118.exe windows:4 windows x86 arch:x86
73131cb94a7bd9bc78fb2c7843e2e6d6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetDateFormatA
GlobalGetAtomNameW
GetTimeFormatA
MultiByteToWideChar
SetStdHandle
TlsGetValue
HeapReAlloc
TlsAlloc
GetACP
GetLocaleInfoA
RtlUnwind
EnumResourceNamesA
WriteConsoleA
HeapSize
GetModuleHandleA
GetOEMCP
SetFilePointer
VirtualAlloc
GetConsoleOutputCP
IsValidCodePage
TlsSetValue
GetCPInfo
RaiseException
occache
FindControlClose
shell32
SHCreateStdEnumFmtEtc
ShellExecuteW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHGetDesktopFolder
DragAcceptFiles
SHGetMalloc
SHBrowseForFolderW
SHAppBarMessage
ShellExecuteExW
Shell_NotifyIconW
Sections
.text Size: 88KB - Virtual size: 476KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 85KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ