2dcc2e5d629b0861782689f046600ffc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2dcc2e5d629b0861782689f046600ffc_JaffaCakes118
Size

67KB
MD5

2dcc2e5d629b0861782689f046600ffc
SHA1

3c3f5a9ae0cceb2e622f82bb888bcbd947cfb214
SHA256

59a8b305f89e182b6c81db0b845002f3e32697c16ed92636db7bb3e7ffb91828
SHA512

abfefe4bfcbb26e5ee623819feabd7eba741832aafef8bfb9f91ba8d74eab99d0177aded1321152e7028e048e68f1d98ad749d203ed39972b68f821de99e40f6
SSDEEP

1536:i647AIp0krY4NQU6EMh6FiSCMZ6aETStqnR:fcAIPrqESNSCu4TStqR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dcc2e5d629b0861782689f046600ffc_JaffaCakes118

Files

2dcc2e5d629b0861782689f046600ffc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c92746cd3b69c56e5c4ed6d3f9854fa1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
FreeLibrary
VirtualProtect
GetLastError
CreateMutexA
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA

user32

MessageBoxA
wsprintfA

Sections

.data
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE