2bc20764af0161976a4fc4967c07eba8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bc20764af0161976a4fc4967c07eba8_JaffaCakes118
Size

202KB
MD5

2bc20764af0161976a4fc4967c07eba8
SHA1

353dad60f664d742da65495f2a568b3dbd3fe6f7
SHA256

d847d634a62ab6c715ad10c0ce87338c7e2271ecf2fd63080b7d0d00bf28a4d8
SHA512

81428df3c98837405e28cbcd803e479410ccc143fbfb47bded345c64c597df476ae7430e8d92deecfcffa321fb844063ea61482c41f53e3ff77577a9ed3d6ce0
SSDEEP

3072:SZ+bX7FfY2tdN+08J1Q7cHzPJShmy7Nr62CZp6eFltawKJea0NGGCc:SZoX5g2tdNjG+Iohmy7h+p6eFPTb8v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bc20764af0161976a4fc4967c07eba8_JaffaCakes118

Files

2bc20764af0161976a4fc4967c07eba8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22deaa3e5166e3019a02358581c9a9ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lopen
ExitProcess

user32

MessageBoxA

shell32

ShellExecuteA

Sections

Size: 41KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 14KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zndh
Size: 142KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE