2dbea739ec5c54b1a3bcebcd138d50be_JaffaCakes118 | Triage

Sharing

General

Target

2dbea739ec5c54b1a3bcebcd138d50be_JaffaCakes118
Size

78KB
MD5

2dbea739ec5c54b1a3bcebcd138d50be
SHA1

8983c117646ced45f438e7b5e862e3a4c725edca
SHA256

5b60c68944368c9b21e4333f3f289152f15e69ce2a4ff387fb7a0005cb990bfb
SHA512

0027b04b3f7fa337e7956ac226fd34c7344d0c7a2a32ae58fe730870b7e812a098a3fe713d5fdcf0d797254d4497d3e2511ed09227d308fa671231c0f0f047e4
SSDEEP

1536:JtUknV9M6+ygXCNoNGtmFWZPhV8owtnMQPo9NSw249gdhwA2jeddm0cW:VCygXkoNGtmQZ5wbAzSm9gdhj2aI0cW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dbea739ec5c54b1a3bcebcd138d50be_JaffaCakes118

Files

2dbea739ec5c54b1a3bcebcd138d50be_JaffaCakes118
.exe windows:5 windows x86 arch:x86

84e12c1f6a4fe9a17952d249175e9ee9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

version

VerQueryValueA

netapi32

NetServerEnum

ws2_32

WSAStartup

mpr

WNetAddConnection2A

user32

SetCursor

gdi32

EndDoc

comdlg32

PrintDlgA

advapi32

LogonUserA

Sections

.MPRESS1
Size: 73KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE