2b1a35bd94f0ec39b75971dbfb33c319_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b1a35bd94f0ec39b75971dbfb33c319_JaffaCakes118
Size

226KB
MD5

2b1a35bd94f0ec39b75971dbfb33c319
SHA1

a1a42f87dcb7a048b9f495748501f42d9ff0c78a
SHA256

984fd8aefa030240eb65bfd466d8d1acd8286f47a2825307f90a7ca2d695bcb0
SHA512

4a861d29fc8ed78012084abf2b21117685b0f60e27448adfc4820b1046093eaa830a3b344f89ace16bf9ee7253faf88026632dba93d585bcd9aecbb728673f9d
SSDEEP

3072:pUeD/oewuAeLhjpmfy61VZ0S3qJ/He0JCaUwwZ78pp8xzhQZAcCPYJWBffDvCY:p5ou3cTZ0S6J/HV0lww6W6ZAKQjX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b1a35bd94f0ec39b75971dbfb33c319_JaffaCakes118

Files

2b1a35bd94f0ec39b75971dbfb33c319_JaffaCakes118
.exe windows:4 windows x86 arch:x86

972c7b26ab4686e04081ef7b3c8ba6e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
GetCommandLineA
GetConsoleMode
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStringsW
GetFileAttributesA
GetFileType
GetLastError
GetModuleHandleA
GetProcessVersion
GetTickCount
GetVersion
GlobalSize
LoadLibraryA
LocalFree
MulDiv
RaiseException
SetEnvironmentVariableA
SetFileAttributesA
TlsAlloc
TlsFree
TlsGetValue
WriteConsoleW
lstrcmpA

Sections

.text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.5MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ