2ca2400010a9935d9c8e1051d58db6e1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ca2400010a9935d9c8e1051d58db6e1_JaffaCakes118
Size

63KB
MD5

2ca2400010a9935d9c8e1051d58db6e1
SHA1

36126ac8395d0d2e8cc7e7aa4a5b078d89f3bb7c
SHA256

f86a357b6251a7027ff54d42022653e839cadefc3166ce11394c4658ad00544f
SHA512

003d576824b69da5f77592ae77d9534e83023b61b2fb083a93017e057be4cb7fa37270424f7eb9ad6b5c46e2ea9ed11598b7e5593069df47d10771daaaa40d6f
SSDEEP

1536:gk3MoVHvbjC2EUyQ8vfvPTVmbSEMMCm3RH62i2u206MtRz8mM:gAMSbcUyQMrOSEM3m3RH6X2FVM78mM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ca2400010a9935d9c8e1051d58db6e1_JaffaCakes118

Files

2ca2400010a9935d9c8e1051d58db6e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c3efb146acbdb13f83315af785addfae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
_except_handler3
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_controlfp
_exit

kernel32

GetModuleHandleA
PostQueuedCompletionStatus
VirtualProtect
WaitForSingleObject
LocalFree
WaitForMultipleObjectsEx
GlobalSize
GetMailslotInfo
GetStartupInfoA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ