2c5ab39561c04ff22400c5a105bbc09a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c5ab39561c04ff22400c5a105bbc09a_JaffaCakes118
Size

114KB
MD5

2c5ab39561c04ff22400c5a105bbc09a
SHA1

2c8c1d1bf3c52c02f72c1f4a851ae1414244e261
SHA256

47d77a349160f6d443d5319a0d2d7ec1a1573e9753a0568b8a07d3eb3a7b56f5
SHA512

f38220af543a531df832da1d9f2cdd5b7dbfc276c06bc300889be7f5fc1eb0241646033bd60f76e46618d07186bd4141b7a362f055ab5119d389f39a9e607848
SSDEEP

3072:hCHfO0+QwTwC71C+THE4WQir4CvCo+OWW5uNa/0M+xmB3:YHfL+l8S0abikCvCo+ObuNa8MKG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c5ab39561c04ff22400c5a105bbc09a_JaffaCakes118

Files

2c5ab39561c04ff22400c5a105bbc09a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da0ae31bfd28db018c06161de1212e20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlDeleteSecurityObject
RtlComputeImportTableHash
RtlAddAuditAccessAce

user32

GetWindowRgn

advapi32

RegOpenKeyExW
LsaDeleteTrustedDomain
CryptSetProvParam

gdi32

SetSystemPaletteUse
UnrealizeObject
SetGraphicsMode
SetDCBrushColor
SetArcDirection
PtInRegion
LineTo
WidenPath
GdiTransparentBlt
SetPixel
CombineRgn
CreateRoundRectRgn
ExtSelectClipRgn
FillPath
FlattenPath
GetArcDirection
GetBitmapBits
GetCurrentObject
GetGraphicsMode
GetStockObject

msimg32

AlphaBlend

activeds

ADsBuildEnumerator

rasapi32

RasAutodialAddressToNetwork

aclui

CreateSecurityPage

Exports

Exports

UkxpPRF0osLRW4PxA
Xr5Q6YOSTcUs
Z5Lt

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE