Static task: static1
Behavioral task: behavioral1
Sample: 2c23264cae804351f704fb4721191c0e_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2c23264cae804351f704fb4721191c0e_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 2c23264cae804351f704fb4721191c0e_JaffaCakes118
Size: 695KB
MD5: 2c23264cae804351f704fb4721191c0e
SHA1: 252d12b448eb84abd1389a9c898ef5e735a28834
SHA256: 6a3bfae2b4b306208a322953bf422a437fcc3ac7b0645e8891ee84f1d267c9f9
SHA512: fc1e3aa7af649d675e5b15e8857b4281939589d1b62a96b6c08307728269c4b0ca1e58922aa1c59e9c668a0ca732fb3c4d53c1f0ad809a3a0811f34359f553d2
SSDEEP: 12288:aaSO/OF57iyJFvSILpu73BsUQpUxUoX4rlKlKmH56Jdwl:vStv5nPu1sUQge0lKY6nwl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2c23264cae804351f704fb4721191c0e_JaffaCakes118
Files
2c23264cae804351f704fb4721191c0e_JaffaCakes118.exe windows:4 windows x86 arch:x86
2b0da48303389da0415b498f979d076b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
GetVersion
CloseHandle
FreeLibrary
GetModuleHandleA
LocalAlloc
GlobalAlloc
GetTickCount
LocalFree
GetFileSize
CreateEventA
GlobalFree
GetVersionExA
GetLastError
lstrcpyA
Sleep
gdi32
GetTextExtentPoint32A
SetROP2
BitBlt
GetTextMetricsA
CreateCompatibleDC
SetPixel
GetBkColor
DeleteObject
GetPixel
ExtTextOutA
CreateFontIndirectA
GetStockObject
CreateSolidBrush
msvcrt
_controlfp
exit
_XcptFilter
_initterm
wcslen
toupper
__CxxFrameHandler
_exit
wcschr
__p__fmode
_except_handler3
_adjust_fdiv
memmove
__p__commode
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 672KB - Virtual size: 676KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 724KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ