2c2d195b7de73100223ca51e28e5a894_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c2d195b7de73100223ca51e28e5a894_JaffaCakes118
Size

1022KB
MD5

2c2d195b7de73100223ca51e28e5a894
SHA1

58e69ca7ced07a360c41d4c4fb249b7812092e19
SHA256

a6634eedd24121017f3abf1d410dc524516bf2692930367c9b625a14820dd555
SHA512

3dfaba719d2fa11315f8d493b25f33cf7145214a133b1c6ee4da2d98e13665dc637bdf60abd3d071596b9bd48be8033fe596f0aa256f925fa1e1ba1b6baf4c14
SSDEEP

24576:h+IYYIUowg1gJ8UcrZ9uwMMZil564Q8DTJy6g1WfCvTsdTwY:h+gtSSJ8Uu9xMMkl564QULvfI8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c2d195b7de73100223ca51e28e5a894_JaffaCakes118

Files

2c2d195b7de73100223ca51e28e5a894_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9f2e258739870cc2b5a038414d73a489

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
EnumResourceNamesA
GetModuleHandleA
FindResourceA
HeapAlloc
GetStartupInfoA
LockResource
VirtualAlloc
ExitProcess
EnumResourceTypesA

msvcrt

_chdir
_c_exit
_cgets
_atoldbl
_atoi64
_cabs
_access
_assert

oleaut32

SysReAllocString
SafeArrayLock
SysAllocString
SafeArrayAccessData
VariantInit

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 666B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE