2ef0373460163200d323961fb0e9ba15_JaffaCakes118 | Triage

Sharing

General

Target

2ef0373460163200d323961fb0e9ba15_JaffaCakes118
Size

92KB
MD5

2ef0373460163200d323961fb0e9ba15
SHA1

06074eb92929c617ec75e6ceac8e10de05fa32b0
SHA256

0baa9f1f6d98bd7b790862b5e2cb6c8bf6eec5e7a46e38558042e204e2f69035
SHA512

e8daf08a2c82ae0f146b4e971179d26232aa85f9885fc6d96f215ecb9eb42034d9e9821e2d7f8c204bcf0ea88357a2241464f28b938f5c684786de79844e9e81
SSDEEP

1536:8iujS2fNDsY1GGSvUyTvarpwiVtX524GJ35DUJZXP03WPEs:7pzja552FosGPEs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ef0373460163200d323961fb0e9ba15_JaffaCakes118

Files

2ef0373460163200d323961fb0e9ba15_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9b532b561023bfe8ea69edf6903b8ae4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockFile
GetLocaleInfoW
FlushFileBuffers
GetSystemInfo
LCMapStringW
RtlUnwind
HeapReAlloc
GetOEMCP
GetACP
LoadLibraryA
GetStringTypeW
GetStringTypeA
IsValidCodePage
EnumSystemLocalesA
GetLocaleInfoA
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
WriteFile
MultiByteToWideChar
GetModuleHandleA
GetProcAddress
ExitProcess
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetCommandLineA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FormatMessageA
LocalFree
GetDiskFreeSpaceA
lstrlenA

msvcrt

tolower

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ