Static task
static1
Behavioral task
behavioral1
Sample
2cf9397b9a4104d7e0253770c4a4dd18_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
2cf9397b9a4104d7e0253770c4a4dd18_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
2cf9397b9a4104d7e0253770c4a4dd18_JaffaCakes118
Size
672KB
MD5
2cf9397b9a4104d7e0253770c4a4dd18
SHA1
716a952503af728d88cbdade7988d60872ac5749
SHA256
00ebbdba796f23eab3fbe05db442670710e39aecf05efc2251a46d73243956b3
SHA512
9073101a97b2325cdcb10ff23b4c5e936fe28ff00433eb9846ec78aefe6e75b8fef4a4a1af6d242bf4642aff3f3fae6b3e925b6b2aba699deb2ab089fc89ffbb
SSDEEP
12288:LFLthUY0wHf9gR8JC6hTW9LcvnIvFOTdUixA7Elnc7piqLaa6/vdI5:3mpwHfyMhKFcaJsclezi5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2cf9397b9a4104d7e0253770c4a4dd18_JaffaCakes118
Files
2cf9397b9a4104d7e0253770c4a4dd18_JaffaCakes118.exe windows:4 windows x86 arch:x86
3d05135032f86cc84003861744e4f532
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapAlloc
GetProcessHeap
HeapFree
CloseHandle
CreateFileW
VirtualAlloc
GetProcAddress
LoadLibraryW
GetModuleHandleA
GetCurrentProcess
CreateFileMappingW
GetLastError
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameW
Sections
.text Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 560B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.xcpad Size: - Virtual size: 320KB
.idata Size: 512B - Virtual size: 496B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 412B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 93KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ