Static task
static1
Behavioral task
behavioral1
Sample
2cd63a0154197ebdcb17d54e1074b4ad_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
2cd63a0154197ebdcb17d54e1074b4ad_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
2cd63a0154197ebdcb17d54e1074b4ad_JaffaCakes118
Size
177KB
MD5
2cd63a0154197ebdcb17d54e1074b4ad
SHA1
91d1e47f870712132abb77530a0aa423a927260b
SHA256
e58ce83a0a9b79633f5649e9b2604b42283acb5e23bd1b29df0a15cc10bdb45c
SHA512
a06161a45e095d4805c92cfc3e141ce3350f7e1573c0f9610e97efb5393f89686ac332c17758da4e34a639f82a05df098daadebce70a0d934c99f9711e3be2d5
SSDEEP
3072:mJd0G1tG3lv9fVeMb4lrgFq9GNkam7YB2nBHLZj4EDHupEt971gMs//5zoe:mP2+lR9GNkrVndZVN971gvae
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2cd63a0154197ebdcb17d54e1074b4ad_JaffaCakes118
Files
2cd63a0154197ebdcb17d54e1074b4ad_JaffaCakes118.exe windows:4 windows x86 arch:x86
75915dadaa305382966241a3fd524a96
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegOpenKeyA
RegDeleteKeyA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
ole32
StringFromIID
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
kernel32
VirtualQueryEx
GetSystemTimeAsFileTime
MultiByteToWideChar
RaiseException
EnumResourceNamesA
CreateProcessA
WideCharToMultiByte
LocalAlloc
GetCPInfoExA
lstrlenA
InterlockedExchange
shell32
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 968B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ