2fa289d19aea1f9a02eb6fcd0e0c63e7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fa289d19aea1f9a02eb6fcd0e0c63e7_JaffaCakes118
Size

184KB
MD5

2fa289d19aea1f9a02eb6fcd0e0c63e7
SHA1

345adab8acf0054c21b61bb456694e9c4eafac0b
SHA256

9918ba577f31381f0ffa203c6cd7e6d09e841640f23004fce9f1208310dd9b46
SHA512

5e92ebff2ab71be1fe0af6cd98050770ed7a04d106da98edc7e5580a2f593d51b0e8bbc164d989b1093f185c2d968b7631037cbeaedde0620c16f68415fa031a
SSDEEP

3072:4v6Rf1vWrsJCilUqIloAZHgVpoAWPlTgmaVIIcd6EUE8qo8TvpOxlPs+f:4v6RfBsKBlUbuoAWU7vc4lEu8TvpOnz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fa289d19aea1f9a02eb6fcd0e0c63e7_JaffaCakes118

Files

2fa289d19aea1f9a02eb6fcd0e0c63e7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5ce430dd16bd20e0663118944ae7fc89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetStdHandle
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

MessageBoxA

Exports

Exports

_GetProxy@28

Sections

.text
Size: - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upx0
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.upx1
Size: - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.upx2
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ