ce2e09958808e815a304111fd6326710_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce2e09958808e815a304111fd6326710_JaffaCakes118
Size

25KB
MD5

ce2e09958808e815a304111fd6326710
SHA1

ca5de17949d17626c74fdcca609bfca4028c7a02
SHA256

d694c0b48f03044a70f9d956ac7f0bd8a021fcaf90bc1b09f10261385e5247bb
SHA512

1aa88310ecd711f3ab308d6b002b81d9945a5ca93f9b8651da0dc904898f6a565b64cd16c79c104753d7c2900e36815c5e99247ce171d81dbd1ca70e98267095
SSDEEP

384:Uw44gGwRo4AydE4pMDyzM5ZPrxNnCZ8T4R4gaDdZniYjjbcQLSM60jSibG:Utr3Ro4A3TezqZ/COT4R4V/j0y9bG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce2e09958808e815a304111fd6326710_JaffaCakes118

Files

ce2e09958808e815a304111fd6326710_JaffaCakes118
.exe windows:1 windows x86 arch:x86

e2c69898e19633e9830253504d1e2896

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ElfDeregisterEventSource
CryptGetKeyParam
FindFirstFreeAce
GetSecurityDescriptorDacl
GetTokenInformation

kernel32

ClearCommBreak
ConvertThreadToFiber
CreateEventA
CreateMutexA
DefineDosDeviceA

Sections

.text
Size: 17KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE