2c7233a4c3616da02d37932e544bf18e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c7233a4c3616da02d37932e544bf18e_JaffaCakes118
Size

32KB
MD5

2c7233a4c3616da02d37932e544bf18e
SHA1

77f1e1719a3c7b07201f0afda31dd55bfc38d374
SHA256

ec7938295a49749c1106131fbd2f70bfe4def065824b7e5242cbe5db168679cc
SHA512

e0b0991d3d85eccb367dc2c99ac9722098a40e14ccca0ac4a0d15c05d9151829826f2c598c4f31a98d82345e82d956c00be6ac2d60aeb7d78ecba097621b0b95
SSDEEP

768:kaGimk15wyxfepTBBqWEwZt/9FiPPh/B17Ug42vq9ow:VGimk5xfepT3EwZBi3h/3y2C9ow

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c7233a4c3616da02d37932e544bf18e_JaffaCakes118

Files

2c7233a4c3616da02d37932e544bf18e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13fc9a812759bcb89dfc8d72d4fda2f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
ReadFile
SetFilePointer
GetSystemDirectoryA
GetModuleFileNameA
Sleep
Process32Next
lstrcmpiA
lstrlenA
Process32First
CreateToolhelp32Snapshot
GetTempPathA
VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
GetProcAddress
GetModuleHandleA
WriteProcessMemory
VirtualAllocEx
lstrlenW
OpenProcess
MultiByteToWideChar
CreateFileA
WriteFile
GetCurrentProcess
CloseHandle
GetStartupInfoA

user32

wsprintfA

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

ole32

CoCreateGuid

msvcrt

_controlfp
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
memcpy
strlen
__CxxFrameHandler
_EH_prolog
strcpy
strstr
_except_handler3
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

Sections

.text
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE