Static task
static1
Behavioral task
behavioral1
Sample
2bd20dacf0f57e87276f2091d727e23a_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2bd20dacf0f57e87276f2091d727e23a_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
2bd20dacf0f57e87276f2091d727e23a_JaffaCakes118
Size
156KB
MD5
2bd20dacf0f57e87276f2091d727e23a
SHA1
8d21195643c6bcc364ced6058b38f39276b99349
SHA256
c42d3c3cace50e7d781797345cbd76507e33d0c736e5fedfd4afc7cd7a9efe5e
SHA512
84f96010a4baee12fee9ccf45273dec16742f4b9e44a348fbc38e01a39dbd8e22f086339a0da5bbafb8707972b4ca99d832e7e3e0a59491e9149571ffbdf2c29
SSDEEP
3072:CrxPRCvW3eSLlOmoFbZc7dhH1RVrkhYKbO23QlYUm8p/:CrFRCvW3DkmosdhVRVkJOOQlYUms
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2bd20dacf0f57e87276f2091d727e23a_JaffaCakes118
Files
2bd20dacf0f57e87276f2091d727e23a_JaffaCakes118.exe windows:4 windows x86 arch:x86
b5b5ae7f54e2316d8e5a6830e5c618b9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStartupInfoW
GetCommandLineA
RtlUnwind
GlobalFlags
GetModuleHandleExA
GetEnvironmentStringsW
GetProcessVersion
GetProcAddress
SetLastError
GetLastError
FreeLibrary
lstrcmpiA
lstrlenA
GetModuleHandleA
GetVersion
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetEnvironmentVariableA
LocalFree
GetVersionExA
FreeEnvironmentStringsW
LoadLibraryA
shell32
ShellExecuteExW
shlwapi
SHDeleteKeyW
PathCombineW
ole32
OleInitialize
CoQueryProxyBlanket
OleInitialize
OleUninitialize
Sections
.text Size: 57KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 996B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 93KB - Virtual size: 93KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 286B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ