Static task
static1
Behavioral task
behavioral1
Sample
2db0f5dc1338686047ac988abe287d4f_JaffaCakes118.exe
Resource
win7-20240903-en
General
Target
2db0f5dc1338686047ac988abe287d4f_JaffaCakes118
Size
195KB
MD5
2db0f5dc1338686047ac988abe287d4f
SHA1
0a9369f2ef954168bd3f50eefb710f5a9371cac4
SHA256
69596914aabb1ea32921017aea26ada714bdb33d2630c70bd936dd59000c1eac
SHA512
81cd0932f4a705fe9921117bd7864aedd8f4a004f7f76671991acb9fa9a98032de9fcd3241e0882d38a513e134e45ba6f4522d62316f915cfae02447bbb00f38
SSDEEP
3072:anArpuMoSzlwJO3AgSGO7ITqRuzucEcmqOTAFh+5ted8pQKKGb3y7xE7QEq9m/2D:IGjLzfpjqc1OeY5teOKGbi7+7QEq9mW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2db0f5dc1338686047ac988abe287d4f_JaffaCakes118
Files
2db0f5dc1338686047ac988abe287d4f_JaffaCakes118.exe windows:4 windows x86 arch:x86
f266c91da7a0b91b030fac1260f5005f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipCloneImage
ole32
OleTranslateAccelerator
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
kernel32
LeaveCriticalSection
LCMapStringW
SetFirmwareEnvironmentVariableA
LocalFree
GetModuleHandleA
SetStdHandle
DeleteCriticalSection
EnterCriticalSection
GetLastError
EnumResourceTypesA
LocalAlloc
LCMapStringA
GetShortPathNameA
LoadLibraryA
GetProcAddress
InitializeCriticalSection
GetSystemInfo
GetStringTypeA
winmm
timeGetTime
timeSetEvent
wininet
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle
Sections
.text Size: 122KB - Virtual size: 122KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ