2f804cd8fe8dad4d5f95df4dcf301642_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f804cd8fe8dad4d5f95df4dcf301642_JaffaCakes118
Size

63KB
MD5

2f804cd8fe8dad4d5f95df4dcf301642
SHA1

4e5b5704aa39e555e3b99d6efe1358ba4ec6490b
SHA256

c221bcae4645b106cde4b8dd0dd366c3ee03a9e8ccfd4e13d2543e6ac645670e
SHA512

25e6517a4b7b343cc35e07a03fe1324223cfb2c9ea3f92e12a2b22a1b9513f939453fb43c70355ad34df43147238c457e65484bb667484a054126dcf042de5e1
SSDEEP

1536:boqWn04kfBzXoAE9tN++bc0dNePIZmf5q2c9UD17:boqW04szbE9tN++bhgF5c9UDd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f804cd8fe8dad4d5f95df4dcf301642_JaffaCakes118

Files

2f804cd8fe8dad4d5f95df4dcf301642_JaffaCakes118
.exe windows:4 windows x86 arch:x86

645c00a9a08b07da368303729ff49067

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesA
FlushInstructionCache
LocalReAlloc
TlsSetValue
VirtualProtectEx
CreateEventA
SetCommState
GetPrivateProfileIntW
BaseProcessInitPostImport
MoveFileExW
GetSystemDefaultUILanguage

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE