2ecf90b61473656fde6c3dcb2b7923d4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ecf90b61473656fde6c3dcb2b7923d4_JaffaCakes118
Size

1.1MB
MD5

2ecf90b61473656fde6c3dcb2b7923d4
SHA1

5d120c6382230985b7ac3edd1e022ff34dfb6b3a
SHA256

01eba86e8d4ceecccefb3a6907a89de4aa97ff9b21a108a6d2f3314cd3f77120
SHA512

f0260a2a7c82ca1546692be72d004c511718fef00d00a7c4bf1db0b0ef3e7d857d587df5624ed910d26354ee31cd6c54d70bbcff00a2de074cf44ac56c12c073
SSDEEP

24576:ea/v/9hMGcr7PzF4GY5Qw+oDy5M93pMzT1l02ExzvdcYuuo27qOE5Z:V4rjYj+oDKM93ezT1kxjuP27TYZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ecf90b61473656fde6c3dcb2b7923d4_JaffaCakes118

Files

2ecf90b61473656fde6c3dcb2b7923d4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5399445762a6ad0783d668d70c53790

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableW

Sections

cmykiwiy
Size: 243KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hnezrgjw
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mbdopshe
Size: 743KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fhgdxcrd
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE