Static task
static1
Behavioral task
behavioral1
Sample
2c6ae09ca4fa6466b61533f77ba5dac8_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2c6ae09ca4fa6466b61533f77ba5dac8_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
2c6ae09ca4fa6466b61533f77ba5dac8_JaffaCakes118
Size
692KB
MD5
2c6ae09ca4fa6466b61533f77ba5dac8
SHA1
02830dcecc41019635500b2ffe2193e9900890dd
SHA256
eebfed35675b341426e406445ccf4d335ce81f36a25505c9844efdb3a7aad62b
SHA512
1f4d9fb44cce37306a876fd732c2e0f381d31b6f9517347a90effc3ece4caa0c3f06d893f367e9c66ee59a48aa02152dedecc34fa349fe20d4ae686ec4816807
SSDEEP
12288:2CM0+dKzraIQJHUtDLshVDy4kfHQM0naIwA4HFZGUWs:x+d6roRUtDLshVDy4kIM+4HFTf
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 2c6ae09ca4fa6466b61533f77ba5dac8_JaffaCakes118
Files
2c6ae09ca4fa6466b61533f77ba5dac8_JaffaCakes118.exe windows:4 windows x86 arch:x86
1dee17135f9d68aa504bc0f3aaf4f7bd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
GetVersion
GetTickCount
GlobalFree
LocalFree
CreateEventA
GetStartupInfoA
CloseHandle
lstrcatA
GetCommandLineA
GlobalAlloc
Sleep
GetVersionExA
GetFileSize
GetModuleHandleA
FreeLibrary
gdi32
SetROP2
CreateFontIndirectA
GetObjectA
SetBkMode
GetDeviceCaps
GetTextExtentPoint32A
PatBlt
SelectObject
DeleteObject
GetStockObject
LineTo
BitBlt
GetPixel
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 686KB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ