2ee9e528866faccff6966f5d1fce8fd9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ee9e528866faccff6966f5d1fce8fd9_JaffaCakes118
Size

12KB
MD5

2ee9e528866faccff6966f5d1fce8fd9
SHA1

cda071c330873658b9f517df5104f82b4f99cb44
SHA256

248a2f8375cf72e4f2ddb8341e43d91f6395c7021349af8e970fc7171742e14a
SHA512

99e66254d6da8b57bfc7722e22de5caba1593bb9579575c355c50125e00e16d117cda54718fd757df1d1bc6d91ea49842fe3ba19483f0aa9863192ae8f502123
SSDEEP

192:xgrHh2Geby6xSMTcWvXwo5JeHPLarch6cUoynmd1sE4e:xgjhgOMTcWvAouDar66ZA1x4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ee9e528866faccff6966f5d1fce8fd9_JaffaCakes118

Files

2ee9e528866faccff6966f5d1fce8fd9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8ed51d2eaf73821051bf0230bb49cda

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetModuleFileNameW
AllocConsole
CloseHandle
WriteFile
CreateFileA
GlobalFree
GlobalAlloc
LocalFree
LocalAlloc
GetModuleHandleA
GetStartupInfoA

msvcrt

fwrite
fputs
fseek
fopen
exit
realloc
fclose
malloc
strchr
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
wcslen
free

Exports

Exports

XpEvVd
hykIhyrVsJ
nXjBXWNY
tkLCaUheDU

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ