2c5e6cdf101a817cc31155b916b69f1d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c5e6cdf101a817cc31155b916b69f1d_JaffaCakes118
Size

41KB
MD5

2c5e6cdf101a817cc31155b916b69f1d
SHA1

1ad44fcf7e9fd0481d3ff4df683c4d55bfc2a29a
SHA256

483b3cbb50e93528b753a25ba45527132ed046de5cbd3fd5ee95893d4dc843e6
SHA512

8c896190cffbce5bb060c506dabe8010cac8b0be69faf8ea40e370667914b49c93e3efdbdfd5e5411b6e67ecc33cf41c5d4177f0d8604f0b09449e6fe6a6ad7b
SSDEEP

768:IGnvYJ9NgJEDltVXqJCNvTv/+Ug74v6/mmW3u109tGkTybhKrZyICR2x2NW/gg4s:FFJEZqJUv2Um/mmkZ3NZyITDggKWTb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c5e6cdf101a817cc31155b916b69f1d_JaffaCakes118

Files

2c5e6cdf101a817cc31155b916b69f1d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2022c13130c507ffc5bd36d94b4762b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

netapi32

Netbios

wsock32

WSAStartup

gdi32

GetBoundsRect

shell32

ShellExecuteA

user32

wsprintfA

ole32

CoInitialize

shlwapi

PathGetArgsA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.MPRESS1
Size: 38KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE