2dd2c4560dfd97d0d5832ad2be47cc41_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2dd2c4560dfd97d0d5832ad2be47cc41_JaffaCakes118
Size

287KB
MD5

2dd2c4560dfd97d0d5832ad2be47cc41
SHA1

f934b65b42b95e4c881e53d6539a4bf45ebd7d04
SHA256

d69af1d354f4c1fcec3f0f27a052296dd8e3b079c1808b23ac5a1a78012c07f1
SHA512

a6a40575fa5fa00f9be09fa86b4d70b773753442669d263c2d4470b78ccd32d070aec7cd6d0f3f8cc420bfbbee415c3ee8350a4f46895e174a57779530253f0d
SSDEEP

6144:J5hcTqRqL9bjkXbfb9aILY+15kx0kN4PkcULaBniG1Jugyd:DhgqYBaDmx0kW8ceMf1NY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dd2c4560dfd97d0d5832ad2be47cc41_JaffaCakes118

Files

2dd2c4560dfd97d0d5832ad2be47cc41_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7259d33761d40ff3d2c66e80131c1c3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
GetAtomNameA
GetDiskFreeSpaceA
SetFilePointer
ReadFile
GetFileAttributesA
SetStdHandle
FlushFileBuffers
FreeEnvironmentStringsW
IsBadReadPtr
GetCPInfo
LCMapStringW
WideCharToMultiByte
EnumResourceNamesA
FreeLibrary
SetUnhandledExceptionFilter
GetThreadLocale
WriteFile
UnhandledExceptionFilter
GetFullPathNameA
GetStringTypeA
CreateFileA
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsA
VirtualProtect
LCMapStringA
GetEnvironmentStrings
FindFirstFileA
IsBadCodePtr
MulDiv

shlwapi

DllGetVersion
PathIsFileSpecA
PathAppendA
SHCreateStreamOnFileEx
PathIsContentTypeA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 152KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ