2a9903b04d33288f7b257250d87bbe1b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a9903b04d33288f7b257250d87bbe1b_JaffaCakes118
Size

16KB
MD5

2a9903b04d33288f7b257250d87bbe1b
SHA1

906febc447653fdb842d7756fa63752b2651e7ff
SHA256

412049e92b636e19689f6cf4c0e94657570d02ac36ca8328ed116d3680c7fc61
SHA512

9ccface7f40636294f10c3c62a165937554719ce3cdb1deeb4ee4da9db9af91dd86f39680715179f428ac068aace9255c81470e0d463f379243aec0a1285122d
SSDEEP

192:MkjzJNNAVMp8fGw5L6P1oynDsqpmvP1dx:1jV3YoCfLE11GvP1dx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a9903b04d33288f7b257250d87bbe1b_JaffaCakes118

Files

2a9903b04d33288f7b257250d87bbe1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0aa8225e328236c5b5783d98cb5a1199

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA

msvcrt

__set_app_type
_except_handler3
_controlfp
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__p__fmode

kernel32

GetStartupInfoA
FindFirstFileA
FindClose
GetSystemDirectoryA
CreateDirectoryA
GetLastError
CopyFileA
SetCurrentDirectoryA
WinExec
Sleep
GetModuleHandleA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE