Static task: static1
Behavioral task: behavioral1
Sample: 2cebc669aad3d59dbc177b275fc3f05a_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2cebc669aad3d59dbc177b275fc3f05a_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 2cebc669aad3d59dbc177b275fc3f05a_JaffaCakes118
Size: 404KB
MD5: 2cebc669aad3d59dbc177b275fc3f05a
SHA1: 18c4e22ac887da379341aee2823218428dd25286
SHA256: 641cbb0035c048c2632de435509c244fa8fbf8afdb5ffd72e169b6a2aa4aafd7
SHA512: 1f2ec501469b998fa4d5f601fdecd80b67237ddbe780488f20dd470438262d46c1ae8868d4f80a804a3550e2a336b8b473bdcec0fcbc3fcb27dacd74dbb29a19
SSDEEP: 12288:pq73iVyeLpVCu7tPzn0WJJdyvYYi78uOa:66yeLpguBzn9HdyvYn7XO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2cebc669aad3d59dbc177b275fc3f05a_JaffaCakes118
Files
2cebc669aad3d59dbc177b275fc3f05a_JaffaCakes118.exe windows:4 windows x86 arch:x86
2cf99c37f2246ef8c56b4503d1b21031
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
    GetProcAddress
    IsBadStringPtrA
    _lwrite
    WriteFile
    GetThreadPriority
    ReadFile
    CreateFileA
    GetVersionExA
    FreeLibrary
    GetLocaleInfoA
    TerminateProcess
    GetExitCodeProcess
    SetFilePointer
    GetModuleFileNameA
    OpenProcess
    CloseHandle
    LoadLibraryA
    CreateProcessA
    WaitForSingleObject
user32
    GetWindowRect
    SetRect
    EmptyClipboard
    EnumWindowStationsW
    wsprintfW
    ClientToScreen
    GetKeyState
    ScreenToClient
oleacc
    LresultFromObject
    CreateStdAccessibleObject
wmvcore
    WMCreateProfileManager
Sections
.text Size: 293KB - Virtual size: 293KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 944B
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
.data Size: 104KB - Virtual size: 104KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
.bomex Size: 4KB - Virtual size: 24KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ