2bb09a8c0140e248513226e9a0c794e2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bb09a8c0140e248513226e9a0c794e2_JaffaCakes118
Size

24KB
MD5

2bb09a8c0140e248513226e9a0c794e2
SHA1

55b9522b08103d0dd76235cc55aeacc3633e1fba
SHA256

ff0598605b2aa53c3d359c8c9b23bcede9becce02ed87e2913f7a7a1251f4df5
SHA512

517cb626cbb83a76e5b08e19d06f9f8de09f2b3ea19e94a23db6a34de58618a8e11cd25f04e4ca8ae2c993280f9a380ddebbae5b5c378022ec67bcbdc091d1ab
SSDEEP

96:JtPNwa0rnJ8F5zzMYWJJQT1/7mZOZuBScRUobHSImb/8I0P0s2bF:jPurSFJzyS1TEVWJhPF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bb09a8c0140e248513226e9a0c794e2_JaffaCakes118

Files

2bb09a8c0140e248513226e9a0c794e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36d868851578a1416759b24f52606d5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
OpenProcess
GetCurrentProcessId
CreateProcessA
CloseHandle
WriteFile
CreateFileA
FreeLibrary
DeleteFileA
ExitProcess
GetModuleHandleA
GetVersion
GetProcAddress
LoadLibraryA
ReadFile
SetFilePointer
GetModuleFileNameA
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetProcessHeap

user32

wvsprintfA
CharToOemA

Sections

.avx��
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE