2b71d943d970f9adf697f74e8b67cd5b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b71d943d970f9adf697f74e8b67cd5b_JaffaCakes118
Size

48KB
MD5

2b71d943d970f9adf697f74e8b67cd5b
SHA1

789af7504108bd8e4028710f8b670ebf1cb2668f
SHA256

f012430f840085b2525143c89965049cde80b0d062a34033d2ab2962d3bb8aae
SHA512

fef3e2c061814ee0c08b774d240c5da7f04e463f4db0414ca7930bb0cb729102994e266b987fb9b234a2d6eff434fc5d0186c9a005890252ff525f84a70a78a5
SSDEEP

768:iGGYA2UkHxq7AYhA6FJ3ifTaW2IUQ6QLqdfP9FwG9c1OI3YhA6F:iGD4kHxqvJW2IdHLofPrY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b71d943d970f9adf697f74e8b67cd5b_JaffaCakes118

Files

2b71d943d970f9adf697f74e8b67cd5b_JaffaCakes118
.exe windows:1 windows x86 arch:x86

7b3288f6c07a68a5254fef66b7ac998b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateFileA
CloseHandle
WriteFile
ExitProcess
DeleteFileA
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
GlobalFree
GlobalAlloc
GetCommandLineA
Sleep

shell32

ShellExecuteA

Sections

.rsrc1
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata1
Size: 512B - Virtual size: 402B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code1
Size: 512B - Virtual size: 485B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data1
Size: 44KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE