2cee84320b699813574d1bb1712128a1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2cee84320b699813574d1bb1712128a1_JaffaCakes118
Size

40KB
MD5

2cee84320b699813574d1bb1712128a1
SHA1

94cd7f96d817f4d07180798dfc2d3e16fbdcd9a1
SHA256

d9fbecc30c08efa9185bd9f729642b0a44e9f1dde4130bd49ba7eb3d4d92c06c
SHA512

80c12688c87599893c48e2c6b2d607f31d5b5efd1e6b26aa53edf30bf09972c8f89213d4c7190c0ae4b78711588a50cbfc2f38e2ea37a0d5ff22f7142affce7e
SSDEEP

768:Dn3JOwKrHm4Zb6uunxdUTsb0Cme5vQ8M82oFBEtzPKiLS5Q:bgD7mysxdU6YedSwYtz3m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cee84320b699813574d1bb1712128a1_JaffaCakes118

Files

2cee84320b699813574d1bb1712128a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32dac45a2671c8efd311205950be4a33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

FindMediaType
HlinkGoForward
CopyStgMedium
UrlMkBuildVersion

ntdll

RtlCreateAcl
ZwSetInformationProcess
RtlAssert
RtlCompactHeap

Sections

.text
Size: 22KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE