2be81a8c1094289636cc9c7e3fc87614_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2be81a8c1094289636cc9c7e3fc87614_JaffaCakes118
Size

36KB
MD5

2be81a8c1094289636cc9c7e3fc87614
SHA1

19a6dab94f3c3d70f2d6ee5d86be8dcc2718e93c
SHA256

a7d8083106322097916ce172de247f183d07326127f93fdc37350ebe1257a78c
SHA512

fe092f6e5c6ef7266179526ac19c7adf673ef5b7805e299c1bc5aac34b63538d8081cf955ee48261c7ea124de4851df7091b4a209615599ab9c8e0e1ec59dbdc
SSDEEP

768:op2OaTq5wjpyTjNm0qDKcp5iVvjJrPc4Uo0:8z5OpylDqDKk5iVlopo0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2be81a8c1094289636cc9c7e3fc87614_JaffaCakes118

Files

2be81a8c1094289636cc9c7e3fc87614_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4941927ccfad36386182b3b1f0575a09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
GetStartupInfoA
GetModuleFileNameA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
GetModuleHandleA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
CreateProcessA
GetEnvironmentStringsW
RtlUnwind
WriteFile
GetLastError
SetFilePointer
MultiByteToWideChar
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
FlushFileBuffers
GetProcAddress
LoadLibraryA
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CloseHandle
SetEnvironmentVariableW

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE