2e5a0e86b14886bfc169e293c6ead575_JaffaCakes118 | Triage

Sharing

General

Target

2e5a0e86b14886bfc169e293c6ead575_JaffaCakes118
Size

48KB
MD5

2e5a0e86b14886bfc169e293c6ead575
SHA1

ac299468a1dda460c0665a2736e4662b3c7f3f8e
SHA256

65a80e919756bfb0a9226168f4514f33270a53a61627670250d820ebe7f6d40d
SHA512

97b116404af602631c43b5498210c20589440549ffa4a7feeb227c262e106fd42be28db6dd836e94cf89e99bc95fceb226dc1f34aaf6c5804b015236d27acab9
SSDEEP

768:/Ez1nN0y7703v/d/v5hNppatOYI4RJrygPXo9zn:cz1my78FHf8tOYRJGEo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e5a0e86b14886bfc169e293c6ead575_JaffaCakes118

Files

2e5a0e86b14886bfc169e293c6ead575_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cc014ac5bb3b3ea4fb132c319b2afa90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
GetModuleHandleA
GetProcAddress
GetTickCount
lstrlenA
lstrcpyA
GetCommandLineA
VirtualProtect
LoadLibraryA
lstrcmpiA
VirtualFree
VirtualAlloc
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

Exports

Exports

Ordinal1
Ordinal2

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 29B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ