2afd8ea37d0bdd8e464eb34f1a5e5fff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2afd8ea37d0bdd8e464eb34f1a5e5fff_JaffaCakes118
Size

188KB
MD5

2afd8ea37d0bdd8e464eb34f1a5e5fff
SHA1

614b777ee7d6c90fb8d32d323485d87e070e3e92
SHA256

65e8fc9aa4b7b2db8ad7c80b35e625693a4d233efe34add37ae78249c7cab3b6
SHA512

2234feb651403485ca6f2421386ec99601375617ed5b2a373250cb208de04528f9528e7b1bc2e4139d75061b610a3ebd1e8e592661450f882a83abfd5c19e422
SSDEEP

3072:wRw/ajGlPXwjykHGIvuafn16w0o3WZQNxyTNRZXvj+QrmA5+aczYp/KvRgD9gIh:1ajGlPXJBu716w0yWZUsX7DqAgacMp/b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2afd8ea37d0bdd8e464eb34f1a5e5fff_JaffaCakes118

Files

2afd8ea37d0bdd8e464eb34f1a5e5fff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1acd1ffffa6ecff0974ba9b361965d18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmAssociateContext

kernel32

GetCPInfo
IsValidCodePage
Sleep
QueryPerformanceCounter
LCMapStringW
SetProcessAffinityMask
LCMapStringA
OutputDebugStringW
WriteConsoleW
CreateFileA
GetEnvironmentStrings
CreateFileW
WaitForSingleObject
ReadFile
GlobalAlloc
SetStdHandle
GetStringTypeW
SetEndOfFile
EnumResourceTypesA
GetOEMCP
DeleteCriticalSection
WriteConsoleA
CreateProcessW
GetEnvironmentStringsW
InterlockedDecrement
CreateEventW
CreateHardLinkA
GetSystemTimeAsFileTime
LoadLibraryA
GlobalLock
InterlockedIncrement
GetACP
TerminateThread
GetModuleFileNameW
GetStringTypeA
GetLocaleInfoA
WriteFile
FlushFileBuffers
FreeEnvironmentStringsW
GetConsoleOutputCP
GlobalUnlock

ole32

GetHGlobalFromILockBytes
CoInitializeSecurity
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoQueryProxyBlanket
CoInitializeEx
CoSetProxyBlanket
StringFromGUID2

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ