2cb380bf84ead303d6599065af03c9d9_JaffaCakes118 | Triage

Sharing

General

Target

2cb380bf84ead303d6599065af03c9d9_JaffaCakes118
Size

752KB
MD5

2cb380bf84ead303d6599065af03c9d9
SHA1

37f549578c275bc5b1018ac37da3a9dad8876b66
SHA256

dcc7074e2e815d17e8c9d7b5eeeee2511cf6e99ad35925dfe3844a9d3b1d3e15
SHA512

fe81376ef77a85ce8631af08091b401cd63516bcd0365e48b5b3559a4083c35962ae835eaf87fc5d64eaf3a2e4894897bd8e7ec96bdd0ac969d2aa47b24463e9
SSDEEP

12288:1WBmgS4/pUbD9qIjCmVZH03eK2KT1C34HwgGwEC5qvp6HM+28X6yMWqoq3:oPKh/H0OHKTY34HwgihP+nX6yL6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cb380bf84ead303d6599065af03c9d9_JaffaCakes118

Files

2cb380bf84ead303d6599065af03c9d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b1549a5c0d27c7e100d9267944eeb90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetFileSize
GetCurrentDirectoryA
DeleteFileA
WaitForSingleObject
CreateFileA
GetTickCount
GetEnvironmentVariableA
GetStartupInfoW
SetEndOfFile
ReleaseMutex
CreateMutexW
SuspendThread
FindClose
ExitProcess
HeapCreate
CloseHandle
InitializeCriticalSection
HeapDestroy
AddAtomA
ResetEvent
SetLastError
HeapSize
GetModuleHandleA
GetSystemInfo

shell32

SHGetDiskFreeSpaceA
StrChrA
SHFree
ShellAboutA
DragQueryFileA
ShellMessageBoxA
SHGetSettings
DllUnregisterServer
DuplicateIcon
SHGetMalloc
DragAcceptFiles
ExtractIconA
DragFinish

dswave

DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 746KB - Virtual size: 745KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ