2bb181c19ee0b032665458b3b54e3cd9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bb181c19ee0b032665458b3b54e3cd9_JaffaCakes118
Size

4KB
MD5

2bb181c19ee0b032665458b3b54e3cd9
SHA1

f6ab3b45529b25dd7f4c79fd8862b000ff164cc3
SHA256

c79cf71542796b863f434734205f2e606e4e239f11ff42e5119a7a8bed2c61ca
SHA512

7ef602a8acfcb859ffa3bd6415fd1a31d8ed634dee446fb5ab3c7319c26d7be056cd9fd4267b00c522e62f82fd6c25899ea799c052032f860884f841c8c5ba4e
SSDEEP

48:alnfEE/c/9WlA/jYniUWFJfiTnls85/YUGUwisiBcJf/Btbv:hE/c/9WlA/jYzzD/YUPwkyJnr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bb181c19ee0b032665458b3b54e3cd9_JaffaCakes118

Files

2bb181c19ee0b032665458b3b54e3cd9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6af48c7a7d63b2c8c4c1c11edc2ffdfd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrToIntA

kernel32

GetFileSize
lstrcpynA
CloseHandle
CreateFileA
CreateFileMappingA
ExitProcess
FlushViewOfFile
GetCommandLineA
GetProcAddress
GetSystemTime
LoadLibraryA
MapViewOfFile
UnmapViewOfFile

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ