Static task
static1
Behavioral task
behavioral1
Sample
2fe15c23c31db96fe794bc843f3092d7_JaffaCakes118.exe
Resource
win7-20240704-en
General
Target
2fe15c23c31db96fe794bc843f3092d7_JaffaCakes118
Size
275KB
MD5
2fe15c23c31db96fe794bc843f3092d7
SHA1
41ffe5fd2c26241b81488729c3987c07ca453b14
SHA256
c63c43cc867b28493c46aac78cbb9c01bab44b0b2671efcefe1812c9205f4606
SHA512
4ad98c9621fbaaadaa8d5247caa6d106410d182fb426bee17f36c6fab316ae766b30a193a2daf2b3bb5a303c346c98f2451dec6d1b1b38e7ec048d4686d9300e
SSDEEP
6144:vY6gXYDHOdIQq5LOihnPFx5fA4/1I5jPKYh+I85sIY4mV:vUIOdsLOildDfA4+Jhx4m
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2fe15c23c31db96fe794bc843f3092d7_JaffaCakes118
Files
2fe15c23c31db96fe794bc843f3092d7_JaffaCakes118.exe windows:4 windows x86 arch:x86
cf63bf54aa47ad3c5059ac3e03da8e32
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcess
RtlUnwind
HeapFree
GetOEMCP
VirtualAlloc
WriteFile
GetStringTypeA
LCMapStringA
IsDebuggerPresent
EnumResourceTypesW
GetCPInfo
LZCopy
LoadLibraryA
InterlockedExchange
GetACP
GetStringTypeW
LCMapStringW
SetUnhandledExceptionFilter
GetLocaleInfoA
msimg32
TransparentBlt
oleacc
GetOleaccVersionInfo
AccessibleObjectFromEvent
Sections
.text Size: 133KB - Virtual size: 132KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 139KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ