2f4b364260566955f01a0d70ab7ba1c6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f4b364260566955f01a0d70ab7ba1c6_JaffaCakes118
Size

81KB
MD5

2f4b364260566955f01a0d70ab7ba1c6
SHA1

ee30707512edc9e3ab1f17886379ff7507277fd1
SHA256

990cfd088961f432bfccfb018d9f5f2c22daa326a5a3e7072e362d3f9b466ee6
SHA512

657e95f26dea05cf4b060d7c9aa28959275d9b07f4eda26ad76ad3632a9196eb4270aab2085ebbbc55427d58719243eff95e1b9ad99cc2d66288127f848081f1
SSDEEP

768:ScmNseID7ysCoS6xlX7riWbyG5edW3VF+k8Zk8/g2CaUBv5dFY1tr452iFidYFJ0:dyseI/y2xlCWubdWXJFBvrFslkb46Qm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f4b364260566955f01a0d70ab7ba1c6_JaffaCakes118

Files

2f4b364260566955f01a0d70ab7ba1c6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

97621eec47429f687704d4d8eb59c5ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
CancelIo
EnumResourceTypesW
TlsGetValue
CloseHandle
DeleteCriticalSection
GetDiskFreeSpaceExA
VirtualProtect
LocalFree
GetDateFormatA
ResetEvent
FindClose
GetDriveTypeW
IsBadReadPtr
FreeConsole
GetModuleHandleA
IsBadStringPtrA
SetLastError
GetLastError
GetCommandLineA

advapi32

AccessCheck
LsaClose
GetFileSecurityW
RegCloseKey
CloseEventLog
LsaFreeMemory
IsTokenUntrusted
CloseTrace
RegCreateKeyExA
OpenEventLogA
GetLengthSid
RegEnumKeyExA
FreeSid
RegCloseKey

hnetcfg

DllRegisterServer
HNetFreeSharingServicesPage
HNetGetSharingServicesPage
DllGetClassObject
HNetDeleteRasConnection

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE