2cb87c9910bc8ba48ac2009ea585ad9d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2cb87c9910bc8ba48ac2009ea585ad9d_JaffaCakes118
Size

688KB
MD5

2cb87c9910bc8ba48ac2009ea585ad9d
SHA1

7c8cfd2338136bb4d4ce555ebbaad5bb6db95294
SHA256

b9bd03acdb04256bb21fbbc52a4c0a95947bedd78684e4df1f099a757d4a8faf
SHA512

ab144ffa27bfcecc6a1121ecaec4d17c8244011e26e0792519dd94a45c191790c294d518ae17827acb1498b4d2a8517e632d0bc2e3b54243beedad80f6251366
SSDEEP

6144:4P8iJIYgmSkVhIuqgZXGkJcmcuwddqogvRFgMkjMVTuJV9RZ+FEs3UVEBbD9nDB+:4UiJIYfSkVhISZWAugvRyRZ+FrBDS2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cb87c9910bc8ba48ac2009ea585ad9d_JaffaCakes118

Files

2cb87c9910bc8ba48ac2009ea585ad9d_JaffaCakes118
.exe .js windows:1 windows x86 arch:x86 polyglot

e5304516e3d13e73c8c0b902b55ce0e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
ExitProcess
Sleep
GetSystemInfo

user32

MessageBoxA

Sections

CODE
Size: 498KB - Virtual size: 500KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 116KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ