2cc09afbb2a66934d31e0acd6553b25c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2cc09afbb2a66934d31e0acd6553b25c_JaffaCakes118
Size

88KB
MD5

2cc09afbb2a66934d31e0acd6553b25c
SHA1

cd3eb0981e9bfa4342e3c8461603a5d2ab3c1556
SHA256

1e09252f30ab0ca57dbb995d175b1304acfda61b698e3106f4637ab77909f9f1
SHA512

efde6253a20576c35e00c05837858c628b1399ab36bb3aa02fced9f4e08b7403a785dd59720ed2c9636e4ae71a33fc788d98ad23ddc500f8e6f5f7d4d0755aad
SSDEEP

1536:Y10B1+SESjrl6pvMiIKgwG05sMwrNnW1ee3nSphFDBBZv0OT+W4XG9ATujUV0EsG:Y1m1+SpIpvMVKgwG05sMwZnW1ee3nSp6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cc09afbb2a66934d31e0acd6553b25c_JaffaCakes118

Files

2cc09afbb2a66934d31e0acd6553b25c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf42e081ec10473e3c62bde3e97d4be5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey

kernel32

CloseHandle
CopyFileA
CreateFileA
DeleteFileA
ExitProcess
FindResourceA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
LoadResource
LockResource
OpenProcess
SizeofResource
WaitForSingleObject
WinExec
WriteFile
WriteProcessMemory
lstrcatA
lstrcmpiA
VirtualFree
VirtualAlloc
ReadProcessMemory
GetCurrentProcessId
SetLastError
CreateRemoteThread
ResumeThread

user32

FindWindowA
GetWindowThreadProcessId

Sections

��t
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE