2fa192011eb7f968dcca8a4e9be28723_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fa192011eb7f968dcca8a4e9be28723_JaffaCakes118
Size

56KB
MD5

2fa192011eb7f968dcca8a4e9be28723
SHA1

1882be0306d470a7771d89728c248834f9b03dbb
SHA256

7990b89de0948891063e063704f2a0f46e336219f5c1625c4b6d74f83775a002
SHA512

ead758661d8711bb1535401fc1508db3be79867ccaccfa8981c7d20104239353b92003812a054afc843d111427e0e833b36954102848922adde06fc8a5e882d3
SSDEEP

768:KTIt9eztwichvDSgh4GsxxnHVPheFZ53k0XnFBpbtQJ3FkBA6UiKon:KYeztQDfh4GsK353NP9tQDiA6UIn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fa192011eb7f968dcca8a4e9be28723_JaffaCakes118

Files

2fa192011eb7f968dcca8a4e9be28723_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ab53a0b617b14d810b6b281529f78c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
MulDiv
GetModuleHandleW
lstrlenW
FreeResource
WaitForMultipleObjects
FindClose
GetFileSize
CancelWaitableTimer
GetLastError
VirtualAlloc
ReadFile
GetCurrentThread
InterlockedDecrement
LoadLibraryA
FindNextFileW
LockResource
SetFilePointer
FreeLibrary
GetProcAddress
LoadResource
FileTimeToSystemTime
SetWaitableTimer
GetFileAttributesExW
CreateThread
FindResourceExW
GetCurrentProcess

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE