2eca4e7119e5c704eb17d5e7a616acb6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2eca4e7119e5c704eb17d5e7a616acb6_JaffaCakes118
Size

145KB
MD5

2eca4e7119e5c704eb17d5e7a616acb6
SHA1

95ea6117751450c676e9a2b2cc5f1ae4a6e91bb8
SHA256

e5cf1e27e2017935ffbdfa149a5d03ae1049d7cc965faa4a1280beee21d2d208
SHA512

b51cd86810fee0f74ea2035dba12a818bee1cef013bee55098241c66a21ea6921a32e57b64998105177d8859de56878ae1713e705b783a6a7c08965efb12616e
SSDEEP

3072:5LVG+0lQJ6yNzErjTvXQonEnIsYncRdybTCrxmM0HrQNMpnCmmcIn:WFl45h6j7XQIvsIcRdybTCdULQ6pC2I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2eca4e7119e5c704eb17d5e7a616acb6_JaffaCakes118

Files

2eca4e7119e5c704eb17d5e7a616acb6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72562c21745830d31343814dda230283

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

wininet

FtpPutFileA

user32

GetKeyNameTextA

gdi32

CreateDCA

advapi32

RegSetValueExA

ole32

OleRun

oleaut32

SysStringByteLen

Sections

.text
Size: 139KB - Virtual size: 636KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE