Static task: static1
Behavioral task: behavioral1
Sample: 2c6d394ea957fadbc2a1a70fceedc574_JaffaCakes118.dll
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2c6d394ea957fadbc2a1a70fceedc574_JaffaCakes118.dll
Resource: win10v2004-20240704-en
General
Target: 2c6d394ea957fadbc2a1a70fceedc574_JaffaCakes118
Size: 97KB
MD5: 2c6d394ea957fadbc2a1a70fceedc574
SHA1: 1dd53a638676874f625a93ac8529f731b2b2ee7a
SHA256: 1ce22c15850e526b8c9ce66d63942aaec594a3fe5edcd4e284e5b3fd1c867333
SHA512: 43fb427113de01105a29f5cf8a87ad728819a17c5a840d0d70f4c169093d641b7b192585cd4a4350a1221cefefa87dd661c925abf67385e09db7c4bc90775985
SSDEEP: 3072:0cf3SvMOw0iHP31qIlXclap9jp5+H1RM8:bfkMZ31qmXclaprn8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2c6d394ea957fadbc2a1a70fceedc574_JaffaCakes118
Files
2c6d394ea957fadbc2a1a70fceedc574_JaffaCakes118.dll windows:4 windows x86 arch:x86
7949ea51c9a075e56b3f0448da63d90f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
Imports
kernel32
CloseHandle
ExitProcess
ExpandEnvironmentStringsA
FileTimeToSystemTime
FindNextFileA
GetCommandLineA
GetConsoleMode
GetCurrentProcess
GetCurrentThread
GetDateFormatA
GetDriveTypeA
GetExitCodeProcess
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcessHeap
GetProcessId
GetSystemInfo
GetThreadPriority
GetTickCount
GetTimeZoneInformation
GetVersion
GlobalAlloc
GlobalLock
HeapCreate
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LocalLock
PeekNamedPipe
ResumeThread
TlsGetValue
VirtualAlloc
lstrlenA
Sections
.text Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 88KB - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ