2ad86e00e2e586815bc2bde048e8dd9e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ad86e00e2e586815bc2bde048e8dd9e_JaffaCakes118
Size

14KB
MD5

2ad86e00e2e586815bc2bde048e8dd9e
SHA1

3feacaf6c1249c207a9b11d1890b16ea078be443
SHA256

465e5da0fe1a3900fdab96de0e7cc02f0ef5a003403f9f5ef6265bb1e184c94c
SHA512

e3107941a128220dd6d437a363266cbedcf98d18ec2ae958a4c90a925befa594e67d7409756679ae4e42e647bc0d58c73acea412ca65d64842a39fb01dd47714
SSDEEP

192:AHTuT5Mnmt0V0mHqKD/i4j0mtKDGGAKeEEN3xJ01KDyVWvNWk:AIgVfKKDvftKDq3EE+KD0WvNWk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ad86e00e2e586815bc2bde048e8dd9e_JaffaCakes118

Files

2ad86e00e2e586815bc2bde048e8dd9e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

50bd533d60fe1a9f8e0618387c1ec0fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

stimon.pdb

Imports

msvcrt

_cexit
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
_XcptFilter
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
__p__commode
_c_exit

kernel32

GetModuleHandleA
GetStartupInfoW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ