Static task
static1
Behavioral task
behavioral1
Sample
2c82281c0e38e34e42fa104843103cb0_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2c82281c0e38e34e42fa104843103cb0_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
2c82281c0e38e34e42fa104843103cb0_JaffaCakes118
Size
839KB
MD5
2c82281c0e38e34e42fa104843103cb0
SHA1
01bcc01000034136ad5f4c0c6c5521e9b84bc475
SHA256
325eddc611762763c8fdd03d3789c39a38155a0af3fc701c2b5d6ddc56ea2243
SHA512
267f81ccd327b3f1218b0fb559b84bce7e2d6f7d8d0ccad28b0d329ed956d1ae0aeba508a3afbddc3eb27c12fe0528024523d9117eb6fff0a2d103e4d80e6a2b
SSDEEP
6144:WnIAoVA7vB2E2XJctXlEkalUcSeAsDykOXnOqzeKvwiRx8CtQJcsS0slMfOo5IOr:lW2E2Xe1EkaeeAskKK9EkXhXMfOU1w2
Malware Config
Signatures
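Unsigned PE (1 IoC)
Checks for a missing Authenticode signature: the sample's PE file is not signed. On its own this is a weak indicator, since many legitimate executables are also unsigned; weigh it together with the behavioral task results.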
resource 2c82281c0e38e34e42fa104843103cb0_JaffaCakes118
Files
2c82281c0e38e34e42fa104843103cb0_JaffaCakes118.exe windows:4 windows x86 arch:x86
67b88c7c6b78a04209f6b333982f2108
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
CreateFileW
VirtualAlloc
user32
GetSysColor
LoadIconA
gdi32
GetEnhMetaFileA
advapi32
RegQueryValueExA
RegOpenKeyExA
msvcrt
_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
_wcsupr
_wtol
exit
free
malloc
realloc
swscanf
towupper
wcscat
wcscpy
wcslen
wcsstr
Sections
.text Size: 805KB - Virtual size: 805KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 568B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ