Static task
static1
Behavioral task
behavioral1
Sample
2f20133f655b7b8d83c7fccf564a61b6_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2f20133f655b7b8d83c7fccf564a61b6_JaffaCakes118.exe
Resource
win10v2004-20240708-en
General
Target
2f20133f655b7b8d83c7fccf564a61b6_JaffaCakes118
Size
188KB
MD5
2f20133f655b7b8d83c7fccf564a61b6
SHA1
406c1db4a9c97d8fc316dee39fe9658854c6654f
SHA256
f48afcae633ee525f655225353a6cecc8f7b5c7539330e12fa4464a298476566
SHA512
82919387085b20759c780b1e5682c25a4e1c8f6af69ae81d8256d8adfef5198869df3637800399d86ffae12dd74c26a040324e8768eff554815f0034182845ac
SSDEEP
3072:1Suac9DFvTiGqo62w4Lyomp9cWUmpLr06AiIzVNQGcTzGFO:xaoDxiGk2ErcC3AiIpNQJ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2f20133f655b7b8d83c7fccf564a61b6_JaffaCakes118
Files
2f20133f655b7b8d83c7fccf564a61b6_JaffaCakes118.exe windows:4 windows x86 arch:x86
7b2f04686782dbaa737bc10426d77928
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFirmwareEnvironmentVariableW
LeaveCriticalSection
GetLastError
LocalFree
LCMapStringA
SetStdHandle
DeleteCriticalSection
GetSystemInfo
LoadLibraryA
GetProcAddress
EnumResourceTypesA
GetModuleHandleA
GetShortPathNameA
LocalAlloc
EnterCriticalSection
InitializeCriticalSection
LCMapStringW
GetStringTypeA
winmm
timeGetTime
timeSetEvent
wininet
InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle
gdiplus
GdipCloneImage
ole32
OleSave
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoTaskMemRealloc
Sections
.text Size: 115KB - Virtual size: 115KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ