2b35bf7a5b23c07b3ee9240e47eeac98_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b35bf7a5b23c07b3ee9240e47eeac98_JaffaCakes118
Size

40KB
MD5

2b35bf7a5b23c07b3ee9240e47eeac98
SHA1

bbcedce0034b547f812eedf39bf89afa3f3c991c
SHA256

d8872ba4f8963fce86889615169bc2dceab6f3755c26fd1cc115971b190679ef
SHA512

6c0406cf607ddaa68cd95cdf7d73bb88911ccaaa43185eb5125ae2517bbdcb231979530522b949b3ad4f3f822ae97a1476b077d2f14339a77d66fd94efb74466
SSDEEP

384:p47WMpjBXa9ftRumACaHnIe+TYrL7Iw7fe2XysdaHkQe7Aj44eCo7:m7WMptClR/Rssr2XbGPZU4eCo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b35bf7a5b23c07b3ee9240e47eeac98_JaffaCakes118

Files

2b35bf7a5b23c07b3ee9240e47eeac98_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7197ebce97d044c0225ad1c0a4cf9670

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
CreateDirectoryW
GetLastError
CreateFileW
LocalFree
GetModuleHandleA
GetStartupInfoW
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
SetFilePointer
SetStdHandle
WideCharToMultiByte
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
CloseHandle

advapi32

FreeSid
AllocateAndInitializeSid
SetEntriesInAclW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE