2ce6783ba6d68758dc9ca55135957ad0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ce6783ba6d68758dc9ca55135957ad0_JaffaCakes118
Size

31KB
MD5

2ce6783ba6d68758dc9ca55135957ad0
SHA1

0d95cf7b226e73da4b78dc8c4dcbe455e7c7a49b
SHA256

69a410df035c1bdfe1bc84f203dff80d56772625e73a9a8558882142a72bee6a
SHA512

74224c9d7c1656eca66ccba4dfd714694fc9064b50b4d14f601490d015477e8b2973a8d2aa69cad4ff1f4f357b591f2c1cd12007d8f911790af81b3404029c43
SSDEEP

768:NiPy9aYe8tk6d78U6y8HPZK4nClUtZQbWvQRz:/Xesp6yAPI3EdvQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ce6783ba6d68758dc9ca55135957ad0_JaffaCakes118

Files

2ce6783ba6d68758dc9ca55135957ad0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e699e8767bf71be909d4c3d9d5786e78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
FreeResource
LockResource
SizeofResource
LoadResource
DeleteFileA
CreateDirectoryA
MultiByteToWideChar
GlobalFree
GlobalAlloc
GetModuleHandleA
GetStartupInfoA
GetEnvironmentVariableA
CreateProcessA
FindResourceA

iphlpapi

GetNetworkParams

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA

winhttp

WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpOpen
WinHttpConnect
WinHttpSetOption
WinHttpSendRequest
WinHttpCloseHandle
WinHttpOpenRequest

msvcrt

exit
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
wcscat
_except_handler3
wcscpy
_exit
_XcptFilter
_initterm
_acmdln
__getmainargs

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ