2c5f99212ad44ed2d5a7086fd43b448c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c5f99212ad44ed2d5a7086fd43b448c_JaffaCakes118
Size

128KB
MD5

2c5f99212ad44ed2d5a7086fd43b448c
SHA1

cf7bf7b0c12b7746e3d6ae75fc2bb5d708f8bb10
SHA256

48102e16050c02b72db8d30c66031be93de91e5fda114262833fcd86654b10cd
SHA512

c865adb7131284f1e5283deb9f43bcc14f7955185f913bc2c8ba82d9c1674b3080521bd6d74c1a4925cad3db84e82ff35e42f2581e155092ee92178ea0f9a648
SSDEEP

1536:9Gb+lc78TbkYuydcs59kEXa0AK5GAzdda0VJHka4b1YnRqObQQYsHxt:0eVTbkFydphAKRdakebObRt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c5f99212ad44ed2d5a7086fd43b448c_JaffaCakes118

Files

2c5f99212ad44ed2d5a7086fd43b448c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0053b2b851447031ad7aab8f5256af62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

outllib

RenInitInstance@12
FMessageLoop@12
RenExitInstance@0

kernel32

WideCharToMultiByte
GetEnvironmentStringsW
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
VirtualAlloc
GetProcAddress
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
HeapFree
HeapAlloc

Exports

Exports

DllGetLCID

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE