2c2e27485952cb1001cfdf545c30f406_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c2e27485952cb1001cfdf545c30f406_JaffaCakes118
Size

76KB
MD5

2c2e27485952cb1001cfdf545c30f406
SHA1

9af8bbc415c305f957e1ca55daecf97f6c507080
SHA256

d2982fd9d5ccd99aff240d5f494bc0a284558854cc95ed4f4563c947d6ef125d
SHA512

5f5f598585071e186323684d83e8fe46f61f0bf6db692137b8035fec61bef46f78734ef46615586cb68525ad287b78961450f2bae7c2eb8e4576d7cab70dba98
SSDEEP

1536:qXhERpwKe+z4OtBeSy+/XXW73dyR7lvogkpjVrs2ryrd1vUQuq6:gEpwufc4273maXHs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c2e27485952cb1001cfdf545c30f406_JaffaCakes118

Files

2c2e27485952cb1001cfdf545c30f406_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bda22afc904e4f631c1bd5346bfe49ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateJobObjectA
ProcessIdToSessionId
DeviceIoControl
NlsResetProcessLocale
LoadResource
GetTimeZoneInformation
GlobalAlloc
GetConsoleCommandHistoryW
WriteFile
ReplaceFileA
CreateSocketHandle

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE