2d7edb58ca76898b1027959f3501aa1e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d7edb58ca76898b1027959f3501aa1e_JaffaCakes118
Size

10KB
MD5

2d7edb58ca76898b1027959f3501aa1e
SHA1

d53cb7c68a2696520a6aa74a282c569bb66dd172
SHA256

85147d721fc17e97c634e20b82d9f02a3c70acb998cbc40985c3981823ef02f6
SHA512

1b44a9c70499e6ba5aeb1fc6705cb40872d66026bb976671af81cf7b07042fed03554f00fd9b91e4e1b4546e1133ae708bf4d0ebf8d4c833fc39b93ea55eabfc
SSDEEP

96:O/CHCTvbHMys7M/a8iLsYde2J8QvV+ObA+s161usbDpVcq67X+PQkPZyfLxb7QDT:6CHCTjFaZo2CGTb1PZyfLxb7Sn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d7edb58ca76898b1027959f3501aa1e_JaffaCakes118

Files

2d7edb58ca76898b1027959f3501aa1e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac2e36bb4cb5a45382a4e1bd81e4903f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
AllocConsole
CopyFileA
CreateThread
ExitProcess
FindAtomA
GetAtomNameA
GetModuleFileNameA
GetModuleHandleA
GetSystemDirectoryA
GetWindowsDirectoryA
SetUnhandledExceptionFilter
Sleep

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
exit
fclose
fflush
fopen
fprintf
fputc
free
malloc
memset
signal
sprintf
strcat

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA

user32

FindWindowA
GetAsyncKeyState
GetForegroundWindow
GetWindowTextA
ShowWindow

wininet

FtpPutFileA
InternetCloseHandle
InternetConnectA
InternetOpenA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 176B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE