2fbb4d90b4b138976e3b1c565e36111f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fbb4d90b4b138976e3b1c565e36111f_JaffaCakes118
Size

132KB
MD5

2fbb4d90b4b138976e3b1c565e36111f
SHA1

ad2bc74bb8a30f15448418a0d6bcf6bb3d3110ca
SHA256

76c904c0d64288016df252f63900dd09a6c6fc8a9b4f6f8f8b2b8c8a7bd8532c
SHA512

7eef87de826010d194249b4c90cba63883709dc60381367a5115182ab139fa3df176ee226cbe34c22287b76165289a1648dba082859fc225c5cbe3a7283c6764
SSDEEP

3072:hdolhUE+Q2eYGfDjjTDHqJtRaezUbgyvcJK69kbhZZVtRtEQq:h+WKXGJbe3cJK6+Br7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fbb4d90b4b138976e3b1c565e36111f_JaffaCakes118

Files

2fbb4d90b4b138976e3b1c565e36111f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dafbf4f69f9330ef4ae15114315ca9c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommError
CreateProcessW
GetExitCodeProcess
CreateFileMappingA
ClearCommError
GetStartupInfoA
EnumResourceNamesW
QueryPerformanceCounter
CreateMutexA
ExitProcess
ReleaseMutex
ExitProcess
MapViewOfFile

rpcrt4

RpcBindingSetAuthInfoA
RpcStringBindingComposeA
RpcBindingFromStringBindingA
NdrClientCall
RpcStringFreeA

user32

CharNextA
PeekMessageA
CharUpperA
SetTimer
PostThreadMessageA
KillTimer
GetMessageA
LoadStringA

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ