2c827583b3fd66f33f50890284c6ec21_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c827583b3fd66f33f50890284c6ec21_JaffaCakes118
Size

313KB
MD5

2c827583b3fd66f33f50890284c6ec21
SHA1

31039486e879c59229090fb1ce12dfe13508ba8f
SHA256

2f6a39a798a0960e0c9ec5f85be371603bd0d366056b850d116f7f169345a2f6
SHA512

b2510bc5bb08630c977435c72cdf67847e608616583643e1360bd70bcbaa32eaf05dbb29eb7eb5687dcc3e5bdb2c93f477fd9be0c1f4827ced34b8a39d1c4065
SSDEEP

6144:S5K14o/r+O7+1RKXrHJk5UXkalaqq8+8gXmgGVyuD1G0IUJmqHafm:eK/S/2XrHJmR8NgGouRNBsqHem

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c827583b3fd66f33f50890284c6ec21_JaffaCakes118

Files

2c827583b3fd66f33f50890284c6ec21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

39a2902fd10e716dd3584ff5c5fb1a14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetProcessHeap
CreateHardLinkA
GetCommState
GetProfileStringA
ExitProcess
GlobalLock
ClearCommBreak
GlobalFree
FindAtomA
GetStdHandle
VirtualAlloc
CreateJobSet
EnterCriticalSection
CloseHandle
GetTapeStatus
GetVolumePathNamesForVolumeNameA
GetModuleHandleA
FormatMessageA
GlobalFlags
GetUserDefaultLangID

user32

BeginPaint
ReleaseDC
GetClassInfoExA
GetDC
GetParent
GetActiveWindow
GetWindowTextA
CloseWindow
GetClassNameA
RegisterClassA
ValidateRect
GetForegroundWindow
GetWindowTextLengthA
EndPaint
GetWindow
IsIconic
DrawEdge
ShowWindow
GetFocus

wsock32

WSAIsBlocking
WSACleanup
WSAStartup
WSAGetLastError
WSAAsyncSelect

lpk

LpkInitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ