2c5502148a7a64feea83a2c0804dbcbb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c5502148a7a64feea83a2c0804dbcbb_JaffaCakes118
Size

393KB
MD5

2c5502148a7a64feea83a2c0804dbcbb
SHA1

02404459cbc8ae0f6d4b0174aadb471ae77cd6f5
SHA256

d50aea8484d150b2838e919946cb5cc05e759878fcc9a1d710f9a3c8692c33e3
SHA512

0776ff7681a58c77665eaa651552378edb3dd7a2066867846e91161fdf9eeb87c7f9a519285aaa2889dc7ce4356f689d38604728054f55b6c826144b97aa209a
SSDEEP

6144:E4J6VEPuHbrkxg/KGw9Pzcl3ve2Ri+9PJ5VAfgqUMASiLhPkVpdIokBnsz+h:1QFIxgSGw9A3vNi+3Al2SOV7Nmzc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c5502148a7a64feea83a2c0804dbcbb_JaffaCakes118

Files

2c5502148a7a64feea83a2c0804dbcbb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eab3b2ab98e25d8c027eaeb9b49d3cea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

gdiplus

GdipGetPropertyItemSize

user32

CreateDialogParamW

gdi32

CreateCompatibleBitmap

ole32

OleLoadFromStream

oleaut32

VarBstrFromDate

comctl32

ImageList_Add

rpcrt4

UuidCreateSequential

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 347KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE