c2223da93b1046a23a8cf760aecfdc16_JaffaCakes118 | Triage

Sharing

General

Target

c2223da93b1046a23a8cf760aecfdc16_JaffaCakes118
Size

156KB
MD5

c2223da93b1046a23a8cf760aecfdc16
SHA1

0a4c02bcc048e89d0b22ca76f6f1d5bd152ad64f
SHA256

106637d974631e9c144f71d505b5a6c6276c606dc3b86b658d5f2c81c7860b62
SHA512

bd924ee1ce4f8fd9996bd04e372a8993527c73b3b11ab2fdfc1c6df32e0934cb796a3d6bbb8e86805e4f9df6877edbb5e96cf1b2c1de24a621a5cd878ceb8710
SSDEEP

3072:Wpc5ayStiVK4pb9gEhGDoQrrhrq2JSsipbxmNAYQpb2vY9:EcE4OeQrh22JSsiyyQq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2223da93b1046a23a8cf760aecfdc16_JaffaCakes118

Files

c2223da93b1046a23a8cf760aecfdc16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d9794d70a3a0eeea633950bc0294d0ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpynW
WideCharToMultiByte
GetTickCount
lstrcpyA
GlobalAlloc
CheckRemoteDebuggerPresent
FindClose
GlobalFree
GetLastError
GetCPInfo
EnumResourceTypesW
lstrcpyW
lstrlenW
LockResource
InitializeCriticalSection
MultiByteToWideChar
DeleteCriticalSection
GetACP
lstrcmpiW
OutputDebugStringW
GetModuleHandleW

user32

TranslateMessage
GetDC
GetMessageW
SetTimer
GetAncestor
PostThreadMessageW
DispatchMessageW
CharUpperW
wsprintfW
KillTimer
CharNextW
UnregisterClassA

winspool.drv

DocumentPropertiesW

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ