2b0d365c0f208a227abb3918166c80b9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b0d365c0f208a227abb3918166c80b9_JaffaCakes118
Size

208KB
MD5

2b0d365c0f208a227abb3918166c80b9
SHA1

b12d4ab971bff0cd7e8c8bbbf95e8324e39242ed
SHA256

c7f91631b228d167d00109ebfe1322640dda3c1abdf98d25a378233eefdc6e97
SHA512

b07e5a714d94c8e8272bafbaf101ccd59896254d0228f28ac3556cfdc388e6172ec2250c35f979833c61d0402b75a3c5f1eebf9937d2323c35c1082a77bad47d
SSDEEP

3072:mBhDsfbrBhqsyQd52mb4E3hhDlgi4zvAJtja/TUeEHVDe8CMkc0jNDVh3LBKT1i:mBhDsPB+W52mEE3hhxgikEqMkJDH3s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b0d365c0f208a227abb3918166c80b9_JaffaCakes118

Files

2b0d365c0f208a227abb3918166c80b9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e8513a85adc0b21a1e023b28b256935f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrTrimA

kernel32

lstrcpyW

user32

GetWindowLongA

Exports

Exports

LowSmoothSensE
?RedirComplete@@YG_JDKUl98207long@@Ul26918729wex@@WE
?RestrictLowCost@@YG_JEPAXUmno284720984202747@@WE

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vibe
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.beso
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sorn
Size: 1024B - Virtual size: 563B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ