2cd0f6e802cd61d0a85cc13a6182c0c5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2cd0f6e802cd61d0a85cc13a6182c0c5_JaffaCakes118
Size

334KB
MD5

2cd0f6e802cd61d0a85cc13a6182c0c5
SHA1

a1a544ca4e22347c9281516323c9885462b64587
SHA256

4a4a5c4cd828ce06fca447b02c3e4d4ed657f30a77d5a754454de153dc5351b2
SHA512

831e468c7a458e5ba0e6defc003ad71a6892101bbe73b25a7cbb89e7259d6be6a2467a03f58dee99b32393e6fad56638bd6c2f19d5a18b5f5ca5ad98b3a5537b
SSDEEP

6144:m5AXOZNyD7dzY6VnCRK0Nt1Koif1D+yfHXw2rh4Uy3Gw5j5sxu/0S3abHGuIGahj:7PVCI0rIoUpP/5rKFrV3aHGu1a/ES

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cd0f6e802cd61d0a85cc13a6182c0c5_JaffaCakes118

Files

2cd0f6e802cd61d0a85cc13a6182c0c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

70e4bc4d845d55bcd0633f7d11af0b3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
ResetEvent
CreateFileA
SetEvent
ReleaseMutex
GetSystemTime
CloseHandle
FindAtomW
LocalFree
GetTickCount
GetDiskFreeSpaceW
GetFileAttributesW
lstrcmpW
GetModuleHandleA
CreateThread
GetCommandLineW
LoadLibraryW
HeapCreate
GetComputerNameA
SetLastError

user32

GetClipCursor
FillRect
DestroyCaret
DispatchMessageA
CreateWindowExA
GetClassInfoA
CloseWindow
SetFocus
GetComboBoxInfo
CallWindowProcA
GetDlgItem
GetKeyState
DrawStateA
MessageBoxA

cryptdlg

DecodeRecipientID
CertTrustCertPolicy
CertConfigureTrustA
CertTrustFinalPolicy
CertTrustInit

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 322KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ