2ead8114f9a5cfd395e1104b5ed076db_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ead8114f9a5cfd395e1104b5ed076db_JaffaCakes118
Size

11KB
MD5

2ead8114f9a5cfd395e1104b5ed076db
SHA1

ce132b7ca4af6500d36e5b9ba79a56efcd4a65a1
SHA256

90e83c53a9918dbadd6ef8c67d97c7174b4f3ce288dea9dd3ce56128843f31ed
SHA512

2e08c825360b519aad66013780963292f32e72f53018cb9ae6711e32378e95d8c2b772e172ba432824227070724732df3c4ec06b9d327a22f35aedc540c78029
SSDEEP

192:3dx7M0Q6AKTV/ND7c/xuORfitk+LWNtUYqwmzoU/:thQ3+2CtDOIkU/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ead8114f9a5cfd395e1104b5ed076db_JaffaCakes118

Files

2ead8114f9a5cfd395e1104b5ed076db_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4ffa77fbe75326318dbe44ea038e996

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExA
ShellExecuteA

kernel32

WriteFile
GetCommandLineA
ExitProcess
LocalAlloc
LocalFree
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
GetVersionExA
CloseHandle
CreateFileA
DeleteFileA
GetTempFileNameA
GetTempPathA
GetExitCodeProcess
WaitForSingleObject

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE