2c93c0c884d0cba62f7f1cfe2257697c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c93c0c884d0cba62f7f1cfe2257697c_JaffaCakes118
Size

191KB
MD5

2c93c0c884d0cba62f7f1cfe2257697c
SHA1

5352f4d5743f1238a8ecd7c915e8cb8174670277
SHA256

9cba874853477a2ad44ee537da3f607c91dc970db08c6d0116ba3ed770487a2b
SHA512

b421b885ecde0dc6c3273d448bfa943d5ae146ee7ab521018aa08b4a5868747b0a835071561ad129d68bb2860d537849f00a807f91ade213816e4ab0d831bdf3
SSDEEP

3072:wfcWPFYsH8iz4vBr5vUuYyISCHeDxX64YdI9kCO+bAMd2hivFaHO3I5sIz8pKvZp:ucSf3GZ2WI9HOlWxUrMM9aHmId8wZZ3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c93c0c884d0cba62f7f1cfe2257697c_JaffaCakes118

Files

2c93c0c884d0cba62f7f1cfe2257697c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5c4a2657e94b34bad8405eb26e5dd0e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

GetHGlobalFromILockBytes
CoTaskMemFree
StringFromGUID2

imm32

ImmAssociateContext

kernel32

SetProcessPriorityBoost
InterlockedIncrement
TlsAlloc
TlsGetValue
EnumResourceTypesA
TlsSetValue
SetLastError
ExitProcess
TlsFree
GetStdHandle
GetLastError

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ