2acf02ff34a141df946bc836667d626f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2acf02ff34a141df946bc836667d626f_JaffaCakes118
Size

36KB
MD5

2acf02ff34a141df946bc836667d626f
SHA1

20dbb2e6ddb9d5660ec125aec7802e5a85084fb3
SHA256

2bd0cabf9e58d8a822fa9ae27f486275cbe535d32c9e2bd1947a6ff46802aa80
SHA512

fc2b17ffb04f7c2970f4545a8a9544ececb289137e4798334d7371a876bfd7fa065a97af63360611ecf10a38eba6a08ce427d93e998cb198afc4031a099a3f3f
SSDEEP

768:vaBltvRngPtHSQL25CxDjcZ3hinEkcdqjor2qYI0dw4:vWl3UH122DjWhinEkEqsRYI4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2acf02ff34a141df946bc836667d626f_JaffaCakes118

Files

2acf02ff34a141df946bc836667d626f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f818c9e1378669a176110e91bb0c04e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CopyFileA
CreateMutexA
ExitProcess
FreeResource
GetACP
GetCommandLineA
GetLocalTime
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemDirectoryA
GetWindowsDirectoryA
Module32Next
OutputDebugStringA
ReadFile
RtlUnwind
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx

msvcrt

__getmainargs
__p__commode
__p__fmode
_except_handler3
_exit
fprintf
rand
vswprintf

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ