020203f4b29d22d91ab73c69ead17f12_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

020203f4b29d22d91ab73c69ead17f12_JaffaCakes118
Size

41KB
MD5

020203f4b29d22d91ab73c69ead17f12
SHA1

5550f8ecbb85e06c54a21af75e1ae72821a2ef2b
SHA256

8ea0b553f44f2c52526a65d41470283311332c9aa6a1c7cc7c369f0c06aa716f
SHA512

2be76b084fd2d5c9dc4485b7705a3c2a358a83f2b0fc3d9cc2f29b67bb8792288fdae7ee362a20cfbbd3d6ff3b672775d057384a18c3638d9081370a7b5d8ecd
SSDEEP

768:GRiY5sfmFuU4W44TiOqQ1R5BLTiURHnmQvfP:bYKf2V4yq8PiURv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
020203f4b29d22d91ab73c69ead17f12_JaffaCakes118

Files

020203f4b29d22d91ab73c69ead17f12_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db5368f16fc036edb0ea87f29001684a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memcpy
memcmp
_umask
??2@YAPAXI@Z
_spawnl
_stat64

kernel32

GetSystemInfo
GetVersion
GlobalAlloc
GetNextVDMCommand
GetDriveTypeA
GetStdHandle

Sections

.text
Size: 15KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE